Title :
Cooperative Intrusion Traceback and Response Architecture (CITRA)
Author :
Schnackengerg, D. ; Holliday, Harley ; Smith, Randall ; Djahandari, Kelly ; Sterne, Dan
Author_Institution :
Phantom Works, Boeing Co., Seattle, WA, USA
Abstract :
The Cooperative Intrusion Traceback and Response Architecture (CITRA) was originally developed as an infrastructure for integrating network-based intrusion detection systems, firewalls, and routers to trace attacks back to their true source and block the attacks close to that source. Prototype implementations of CITRA have proven useful for integrating other security mechanisms in support of automated response to both intrusions and other changes in security status of a system. This paper provides an overview of CITRA policy mechanisms and how CITRA integrates diverse security technologies to improve system defense
Keywords :
computer network management; security of data; software architecture; supervisory programs; system monitoring; CITRA; CITRA policy mechanisms; Cooperative Intrusion Traceback and Response Architecture; firewalls; network-based intrusion detection systems; routers; security technologies; system defense; Automatic control; Contracts; Humans; Imaging phantoms; Information analysis; Intrusion detection; Protocols; Prototypes; Software prototyping; Switches;
Conference_Titel :
DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
Conference_Location :
Anaheim, CA
Print_ISBN :
0-7695-1212-7
DOI :
10.1109/DISCEX.2001.932192
