Title :
Micro-firewalls for dynamic network security with distributed intrusion detection
Author :
Hwang, Kai ; Gangadharan, Muralidaran
Author_Institution :
Internet & Pervasive Comput. Lab., Univ. of Southern California, Los Angeles, CA, USA
Abstract :
This paper reports the design experiences and research findings of a new distributed security architecture for protecting exposed Intranets or clusters of computers from malicious attacks. We present a new approach of building micro-firewalls on network hosts to enable distributed intrusion detection with dynamic policy change, as the threat pattern changes. This distributed security can effectively counteract attacks from intruders or insiders. Three policy-update mechanisms are evaluated for achieving dynamic security. Mobile agents are shown most scalable and robust for policy update, but prone to attacks by other agents or hosts. The CORBA has the best speed performance with lower overhead. The Java-based RMI demonstrates the highest security based on the sandbox model. The optimal choice depends on the tradeoffs among operating speed, Intranet scalability, host robustness, and the security level demanded by specific network applications.
Keywords :
authorisation; computer networks; security of data; software agents; CORBA; Intranet scalability; Mobile agents; RMI; clusters of computers; distributed security; distributed security architecture; dynamic policy change; dynamic security; exposed Intranets; host robustness; intrusion detection; micro-firewalls; operating speed; policy-update mechanisms; sandbox model; security level; Buildings; Computer architecture; Computer security; Distributed computing; Intrusion detection; Java; Mobile agents; Protection; Robustness; Scalability;
Conference_Title :
Network Computing and Applications, 2001. NCA 2001. IEEE International Symposium on
Conference_Location :
Cambridge, MA
Print_ISBN :
0-7695-1432-4
DOI :
10.1109/NCA.2001.962517