http://dx.doi.org/10.3745/KIPSTC.2003.10C.1.001

A Secure Communication Framework for the Detection System of Network Vulnerability Scan Attacks  

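You, Il-Sun (Graduate School, Dankook University)
Kim, Jong-Eun (Graduate School, Dankook University)
Cho, Kyung-San (Division of Information and Computer Science, Dankook University)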
Abstract
In this paper, we propose a secure communication framework for interaction and information sharing between a server and agents in DS-NVSA (Detection System of Network Vulnerability Scan Attacks) proposed in [1]. For scalability and interoperability with other detection systems, we design the framework around IDMEF and IAP, which have been drafted by the IDWG. We adapt IDMEF and IAP to the proposed framework and provide SKTLS (Symmetric Key based Transport Layer Security Protocol) for network environments that cannot afford to support a public-key infrastructure. Our framework provides reusability of heterogeneous intrusion detection systems and enables the scope of intrusion detection to be extended. It can also be used as a framework for an ESM (Enterprise Security Management) system.
Keywords
Intrusion Detection; Network Vulnerability Analysis; Network Security
Reference
1 Mark Wood and Michael Erlinger, 'Intrusion Detection Message Exchange Requirements,' 2002
2 Peng Ning, Sushil Jajodia and Sean Wang, 'Abstraction based Intrusion Detection in Distributed Environments,' ACM Transactions on Information and System Security (TISSEC), Vol.4, Issue.4, pp.407-452, 2001
3 Stephen Northcutt, 'Intelligence Gathering Techniques,' http://www.microsoft.com/technet/security/intel.asp
4 Pollock, et al., 'Implementing the Intrusion Detection Exchange Protocol,' Proceedings of the 17th Annual Computer Security Applications Conference, http://www.acsac.org/2001/papers/67.pdf, 2001
5 B. Feinstein, G. Matthews, and J. White, 'The Intrusion Detection Exchange Protocol (IDXP),' 2002
6 Clifford Kahn, Don Bolinger and Dan Schnackenberg, 'A Common Intrusion Detection Framework,' 1998, http://www.isi.edu/~brain/cidf/drafts/communication.txt
7 Wenke Lee, et al., 'A Data Mining and CIDF Based Approach for Detecting Novel and Distributed Intrusions,' Proceedings of the 3rd International Workshop on the Recent Advances in Intrusion Detection, pp.49-65, 2000
8 Il-Sun You and Kyoungsan Cho, 'An Improved Detection System for the Network Vulnerability Scan Attacks,' The KIPS Transactions: Part C, Vol.8-C, No.5, pp.543-550, 2001
9 Korea Information Security Agency, 'Analysis of Large Scale Network Vulnerability Scan Attacks and Implementation of the Scan-Detection tool,' 1999, http://www.certcc.or.kr
10 Korea Information Security Agency, '2001 Security incident Statistic in Korea,' 2001, http://www.certcc.or.kr
11 D. Curry, H. Debar, 'Intrusion Detection Message Exchange Format Data Model and Extensible Markup Language (XML) Document Type Definition,' 2002
12 Dipankar Gupta, 'IAP: Intrusion Alert Protocol,' 2001
13 Fielding, et al., 'Hypertext Transfer Protocol - HTTP/1.1,' RFC 2616, 1999
14 J. Kim and P. Bentley, 'The Artificial Immune Model for Network Intrusion Detection,' 7th European Congress on Intelligent Techniques and Soft Computing (EUFIT'99), http://www.cs.ucl.ac.uk/stuff/J.Kim/publication.html, 1999
15 Dierks, T. and C. Allen, 'The TLS Protocol Version 1.0,' RFC 2246, 1999
16 Rich Feiertag, et al., 'A Common Intrusion Specification Language (CISL),' http://www.isi.edu/~brain/cidf/drafts/language.txt, 1999
17 G. Mansfield and D. Curry, 'Intrusion Detection Message Exchange Format Comparison of SMI and XML Implementations,' 2000
18 http://www.isi.edu/~brain/cidf/