Title :
LDLB: A light intrusion prevention system in data link layer
Author :
Zhao, Kuo ; Ren, Fei ; Nurbol ; Hu, Liang
Author_Institution :
Dept. of Comput. Sci. & Technol., Jilin Univ., Changchun
Abstract :
Intrusion detection systems (IDS) are fundamentally passive and fail-open. Because their primary task is classification, they do nothing to prevent an attack from succeeding. An intrusion prevention system (IPS) is deployed in-line with its capability to provide real-time and active defense. It makes attempts to stop attacks. This paper presents the design and implementation of LDLB: a light intrusion prevention system in data link layer, which is composed of packet filter module, intrusion detection module and intrusion prevention module. It doesnpsilat perform any modification on the passing packets as well as bridge so it is transparent for intruders. Additionally, its configuration and deployment strategy are also discussed. In short, LDLB provides synthesis security prevention in data link layer.
Keywords :
programming; security of data; LDLB; active defense; data link layer; intrusion detection systems; light intrusion prevention system; packet filter module; synthesis security prevention; Application software; Bridges; Data security; Information filtering; Information filters; Intrusion detection; Libraries; Operating systems; Protection; Telecommunication traffic; data link layer; intrusion prevention; transparent;
Conference_Titel :
Anti-counterfeiting, Security and Identification, 2008. ASID 2008. 2nd International Conference on
Conference_Location :
Guiyang
Print_ISBN :
978-1-4244-2584-6
Electronic_ISBN :
978-1-4244-2585-3
DOI :
10.1109/IWASID.2008.4688372
