• DocumentCode
    3456067
  • Title

    The LAIDS/LIDS framework for systematic IPS design

  • Author

    Chung, Simon P. ; Mok, Aloysius K.

  • Author_Institution
    Dept. of Comput. Sci., Univ. of Texas at Austin, TX
  • fYear
    2006
  • fDate
    13-14 April 2006
  • Lastpage
    11
  • Abstract
    The recent outbreaks of extremely fast spreading worms highlight the inadequacy of the current patching approach. Intrusion prevention systems (IPSs) that automatically generate and apply protection to client systems have been proposed as a solution. Despite all the effort in this area, the design of IPSs remains a difficult, ad hoc process. In this paper, we propose the LAIDS/LIDS framework for systematic design of IPS. A major advantage of our framework is that IPSs designed in this framework have a very simple countermeasure-generation process. To better illustrate our idea, we have implemented a prototype IPS, the Lazy Shepherding IPS, based on our framework. Evaluation shows that the prototype is effective against all tested attacks, and incurs an overhead of less than 3% when it is configured to defend against a large number of attacks. Our prototype also avoids a lot of practical problems faced by many other IPSs
  • Keywords
    security of data; LAIDS/LIDS framework; Lazy Shepherding IPS; client systems; intrusion prevention systems; Computer worms; Concrete; Contracts; Detectors; Face detection; Intrusion detection; Phase detection; Protection; Prototypes; Testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Information Assurance, 2006. IWIA 2006. Fourth IEEE International Workshop on
  • Conference_Location
    London
  • Print_ISBN
    0-7695-2564-4
  • Type

    conf

  • DOI
    10.1109/IWIA.2006.21
  • Filename
    1609996
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3456067