Title :
The time element in proactive network defense systems
Author :
Pattinson, Colin ; Hajdarevic, Kemal ; Hadzic, Amela
Author_Institution :
Fac. of Art, Environ. & Technol., Leeds Metropolitan Univ., Leeds, UK
Abstract :
Identifying and detecting security threats such as Trojans, resource starvation, and Denial of Service (DoS) attacks in their early stages are major challenges in delivering computer security, because starvation of a specific resource, such as the hard disk, does not necessarily deny a specific service on the network. As with any computer application, installation of a Trojan leaves a “footprint” on the system's resources, such as the MIB database explained and referenced in this paper. The effects of resource starvation and DoS attacks can be resolved proactively by monitoring communication traffic. The detector must be able to recognize the symptoms against a background of a range of other (“safe”) activities, which also consume system resources. Therefore, we wished to explore the potential of an economical approach that explicitly takes into account the resources used. We present the general phases of the attacks described above, which can be used to create metrics for measuring the proactive capabilities of similar systems for intrusion detection / prevention.
Keywords :
invasive software; DoS; MIB data base; Trojans; communication traffic monitoring; computer application; computer security; denial of service; economical approach; proactive capabilities measurement; proactive network defense systems; resource starvation; security threats detection; time element; Anomaly detection; Management Information Base; Network security;
Conference_Title :
Information Technology Interfaces (ITI), Proceedings of the ITI 2011 33rd International Conference on
Conference_Location :
Dubrovnik
Print_ISBN :
978-1-61284-897-6
Electronic_ISBN :
1330-1012