A Model of Network Security with Prevention Capability by Using Decoy Technique
Authors: Supachai Tangwongsan, Labhidhorn Pangphuthipong
Abstract:
This research work proposes a model of network security systems that aims to protect the production system in a data center from intrusion attacks. Conceptually, we introduce a decoy system as part of the security system to lure intrusions, and apply a network intrusion detection system (NIDS) coupled with the decoy system to perform intrusion prevention. When the NIDS detects intrusion activity, it signals a redirection module to redirect all malicious traffic to the decoy system instead, so the production system stays protected. In a normal situation, traffic is simply forwarded to the production system as usual. Furthermore, we assess the performance of the model with various bandwidths, packet sizes and inter-attack intervals (attacking frequencies).
Keywords: Intrusion detection, Decoy, Snort, Intrusion prevention.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1075280