SECUROUTER - A NOVEL DYNAMIC FIREWALL SYSTEM EMBEDDED WITH IDS INTEGRATION
As the traditional firewalls filter only the known types of attacks through blocking the packets sent from/to designated IP addresses or ports, only static and very limited protection are provided.A security framework with a double-homed host (SecuRouter) at its core, which is a firewall that could dynamically modify its rule set from the notification messages sent by the legitimate intrusion detection agents running in the protected LAN, is presented in the paper.Through providing a uniform interface with these algorithm-independent intrusion detection modules, the approach shows a better adaptability and extensibility.Provided along with the framework is a packet logging mechanism, with which help further off-line analysis of the network traffic can be easily implemented.
Firewall SecuRouter Intrusion Detection Double-Homed Host
JIN SHU DAI HONG-BIN ZHU CHAO
SAC Rail-Transit Engineering Co.,LTD Nanjing SAC Rail-Transit Engineering Co.,LTD
国际会议
成都
英文
2359-2363
2011-11-25(万方平台首次上网日期,不代表论文的发表时间)