Title :
A Honeynet-Based Firewall Scheme with Initiative Security Strategies
Author :
Wang, Bo ; Zhu, Ping ; Wen, Qiaoyan ; Yu, Xiaojun
Author_Institution :
State Key Lab. of Networking & Switching, Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
With the rapid development of network technology, a variety of new attack methods to the network come out endlessly. Traditional firewalls, depending on the static feature data base, have more and more limitations to these attacks. To alleviate this problem, in this paper we propose a honeynet-based firewall scheme with initiative security strategies. In this scheme, the data-analyzing module can timely discover new attack behaviors by analyzing the output result of honeynet with data-mining technology, and furthermore, according to these findings the rule-learning module can dynamically create new defend rules and apply these rules to the firewall. In this way, the firewall keeps enriching its security strategies that greatly enhance its ability to defend new attacks. This paper gives a detailed description and discussion on the new firewall scheme. Compared with other joint-defense technologies, our firewall scheme has more advantages, can response more quickly and accurately to the unknown attacks and being more secure for internal.
Keywords :
authorisation; data analysis; data mining; data-analyzing module; data-mining technology; honeynet-based firewall scheme; initiative security strategies; joint-defense technologies; rule-learning module; Computer hacking; Data analysis; Data security; Intrusion detection; Laboratories; Paper technology; Software libraries; Telecommunication switching; Usability;
Conference_Titel :
Computer Network and Multimedia Technology, 2009. CNMT 2009. International Symposium on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-5272-9
DOI :
10.1109/CNMT.2009.5374492
