Policy-Based Intrusion Detection and Automated Response Mechanism

  • Conference paper
Information Networking: Wireless Communications Technologies and Network Applications (ICOIN 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2344))

Abstract

Automated response to intrusions has become a major issue in defending critical systems. Because the adversary can take actions at computer speeds, systems need the capability to react without human intervention. A policy-based network simplifies the many tasks associated with coordinating the resources and capabilities of the network with the business-level goals of the network administrator. This paper presents a policy-based security management architecture that enables network-wide intrusion detection and automated response. It also describes the functionality required to realize the automated response mechanism, and presents security policies that facilitate security management functions in policy-based networks.


Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, J., Kim, K., Jang, J. (2002). Policy-Based Intrusion Detection and Automated Response Mechanism. In: Chong, I. (eds) Information Networking: Wireless Communications Technologies and Network Applications. ICOIN 2002. Lecture Notes in Computer Science, vol 2344. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45801-8_39

  • DOI: https://doi.org/10.1007/3-540-45801-8_39

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44255-4

  • Online ISBN: 978-3-540-45801-2

  • eBook Packages: Springer Book Archive
