Journal of the Korea Society for Simulation (한국시뮬레이션학회논문지)

The Korea Society for Simulation (한국시뮬레이션학회)
권호 표지

Security Simulation with Collaboration of Intrusion Detection System and Firewall

침입 탐지 시스템과 침입 차단 시스템의 연동을 통한 보안 시뮬레이션

  • 서희석 (성균관대학교 전기전자 및 컴퓨터공학부) ;
  • 조대호 (성균관대학교 전기전자 및 컴퓨터공학부)
  • Published : 2001.03.01
Download PDF
⟨ Previous Next ⟩

Abstract

For the prevention of the network intrusion from damaging the system, both IDS (Intrusion Detection System) and Firewall are frequently applied. The collaboration of IDS and Firewall efficiently protects the network because of making up for the weak points in the each demerit. A model has been constructed based on the DEVS (Discrete Event system Specification) formalism for the simulation of the system that consists of IDS and Firewall. With this model we can simulation whether the intrusion detection, which is a core function of IDS, is effectively done under various different conditions. As intrusions become more sophisticated, it is beyond the scope of any one IDS to deal with them. Thus we placed multiple IDS agents in the network where the information helpful for detecting the intrusions is shared among these agents to cope effectively with attackers. If an agent detects intrusions, it transfers attacker's information to a Firewall. Using this mechanism attacker's packets detected by IDS can be prevented from damaging the network.

Keywords

References

  1. Intrusion Detection - An Introduction to Internet Survillance, Correlation, Traps, Trace Back, and Response E. Amoroso
  2. Intrusion Detection R.Bace
  3. Proceedings of Command and Control Research and Technology Symposium A Distributed Autonomous-Agent Network-Intrusion Detection and Response System J. Barrus;N. C. Rowe
  4. Hacking Exposed: Network Security Secrets and Solutions S Mclure;J. Scambray;G. Kurtz
  5. Network Intrusion Detection - An Analyst's Handbook S. Northcutt
  6. International Journal of Production Research v.36 no.6 A Conceptual Framework for Interactive and Blackboard Based G. Van Zeir;J. P. Kruth;J. Detand
  7. Proceedings of the IEEE Symposium on Security and Privacy How to Systematically Classify Intrusions U. Lindqvist;E. Jonsson
  8. Proceedings of 14th National Computer Security Conference DIDS - Motivation, Architecture, and an Early Prototype S. Snapp;J. Brentano;G. Dias;L. Heberlein;C. Ho;K. Levitt;B. Mukherjee;S. Smaha;T. Grace;D.Teal;D. Mansur
  9. IEEE Network Cooperating Security Managers: A Peer-Based Intrusion Detection System G. White;E. Fisch;U. Pooch
  10. Proceedings of the 20th National Information systems securityconference EMERALD: Event Monitoring Enabling Responses to anomalous live disturbances P. Porras;P. Neumann
  11. Technical Report No. 98-05, COAST Group, Dept. of Computer Science An Architecutre for Intrusion Detection using Autonomous Agents J. Balasubramaniyan;J. Garcia-Fernandez;D.Isacoff;E. spafford;Diego Zamboni
  12. Proceddings of the 12th National Computer Security Conference A Summary of computer misuse techniques P. Neumann;D. Parker
  13. 한국시뮬레이션학회 2001년 추계 학술대회 논문집 IDS 성능 향상을 이한 DEVS 모델링 서희석;조대호
  14. 한국시뮬레이션학회 2001년 추계 학술대회 논문집 침임 탑지 시스템과 침입 차단 시스템의 연동을 통한 네트워크 보안 시뮬레이션 서희석;이용원;조대호
  15. Object-Oriented Simulation with Hierachical, Modular Models B. P. Zeigler
  16. Theory of Modelling and Simulation Bernard P. Zeigler(reissued by Krieger, 1985)
  17. IEEE trans. Syst. Man, Cybern. A v.27 Simulatio of Intellignet Hiearchical Flexible Manufacturing: Batch Job Routing in Operation Overlapping T. H. Cho;Bernard P. Zeigler
  18. 인터넷 방화벽 구축하기 D.Brent Chapman;Elizabeth D. Zwicky;채규혁(역)
  19. Proceedings. IEEE International Conferene on ICON 2000 Policy based access control framework for large networks Duan Haixin;Wu Jianping;Li Xing
  20. Proceeding of Computer software and Applications Conference 23th Annual International On A Protocol and Simulation for Distributed Communicating Firewalls Robert N. Smith;Sourav Bhattacharya
  21. Proceedings of TENCON 2000 On Firewalls Evaluation Criteria Noureldien A. Noureldien;Izzeldin M. Osman
  22. Proceeding of Computr Software and Applications Conference 24th Annual International Firewall Security : Policies, Testing and Performance Evaluation Michael R. Lyu;Lorrien K. Y. Lau