Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 30172
Network Based Intrusion Detection and Prevention Systems in IP-Level Security Protocols

Authors: R. Kabila

Abstract:

IPsec has now become a standard information security technology throughout the Internet society. It provides a well-defined architecture that takes into account confidentiality, authentication, integrity, secure key exchange and protection mechanism against replay attack also. For the connectionless security services on packet basis, IETF IPsec Working Group has standardized two extension headers (AH&ESP), key exchange and authentication protocols. It is also working on lightweight key exchange protocol and MIB's for security management. IPsec technology has been implemented on various platforms in IPv4 and IPv6, gradually replacing old application-specific security mechanisms. IPv4 and IPv6 are not directly compatible, so programs and systems designed to one standard can not communicate with those designed to the other. We propose the design and implementation of controlled Internet security system, which is IPsec-based Internet information security system in IPv4/IPv6 network and also we show the data of performance measurement. With the features like improved scalability and routing, security, ease-of-configuration, and higher performance of IPv6, the controlled Internet security system provides consistent security policy and integrated security management on IPsec-based Internet security system.

Keywords: IDS, IPS, IP-Sec, IPv6, IPv4, VPN.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1083489

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 4019

References:


[1] RFC 1933: Transition Mechanisms for IPv6 Hosts and Routers
[2] RFC 2529: Transmission of IPv6 preko IPv4 Domains without Explicit Tunnels
[3] RFC 1853: IP in IP Tunneling
[4] RFC 3056: Connection of IPv6 Domains via IPv4 Clouds
[5] RFC 2402: IP Authentication Header (AH)
[6] RFC 2406: IP Encapsualtion Security Payload (ESP)
[7] RFC2460: Internet Protocol, Version 6 (IPv6) Specification
[8] RFC 2409 The Internet Key Exchange (IKE)
[9] RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP).
[10] Bill McCarty, Red Hat Linux Firewalls, Wiley Publishing, Indianapolis, Indiana, 2003
[11] N. Sklavos, and O. Koufopavlou, Mobile Communications World: Security Implementations Aspects-A State of the Art, World: Security Implementations Aspects-A State of the Art, CSJM Journal, Institute of Mathematics and Computer Science,
[12] Bace, Rebecca, Intrusion Detection, Macmillan Technical Publishing, 2000.
[13] Bejtlich, Richard, Extrusion Detection, Addison-Wesley, 2005.
[14] Bejtlich, Richard, The Tao of Network Security Monitoring: Beyond Intrusion Detection,Addison-Wesley, 2004.
[15] Crothers, Tim, Implementing Intrusion Detection Systems: A Hands-On Guide for Securing the Network, 2002.
[16] Endorf, Carl et al, Intrusion Detection and Prevention, McGraw-Hill Osborne Media, 2003.
[17] Kruegel, Chris et al, Intrusion Detection and Correlation: Challenges and Solutions,Springer,2004.
[18] Nazario, Jose, Defense and Detection Strategies against Internet Worms, Artech House Publishers, 2003.
[19] Northcutt, Stephen and Novak, Judy, Network Intrusion Detection: An Analyst-s Handbook,Third Edition, New Riders, 2003
[20] Rash, Michael et al, Intrusion Prevention and Active Response: Deployment Network and Host IPS, Syngress, 2005.
[21] K. Wang and S.J. Stolfo, "Anomalous Payload-Based Network Intrusion Detection," Proc. Seventh Int'l Symp. Recent Advanced in Intrusion Detection (RAID), Sept. 2004.