Title :
Security Software Based on Windows NDIS Filter Drivers
Author :
Shin-Shung Chen ; Tzong-Yih Kuo ; Yu-Wen Chen
Author_Institution :
Dept. of Inf. Manage., China Univ. of Technol., Taipei, Taiwan
Abstract :
We present a new security software based on the NDIS filter drivers at Windows desktop computer, which focuses on filtering and dropping packets according to the snort rules released by security communities (such as Snort or Emerging Threats). TWIDS is an application designed based on the middleware of the Windows® OS, it can identify the application process that transfer packets. TWIDS can process a large number of malicious IP address in the database that it can check and drop packets effectively and improve the network security on Windows® desktop computer by using Snort related protective resources. Thus, it provides a security solution that can help to reduce the investments for network gateway and can be used by common users who used for eliminating the botnet and malware traffic. TWIDS is shared in the downloads section of the Openfoundry.org website, and it will against the spread of botnets and malware.
Keywords :
database management systems; internetworking; invasive software; microcomputers; middleware; network servers; operating systems (computers); NDIS filter drivers; Openfoundry.org Website; Snort related protective resources; Windows OS; Windows desktop computer; application process; botnet elimination; database; downloads section; dropping packets; filtering packets; malicious IP address; malware traffic elimination; middleware; network gateway; network security; security communities; security software; Bandwidth; Computers; IP networks; Information filters; Security; Software; IDS; NDIS filter driver; Snort; botnet;
Conference_Titel :
Computer Software and Applications Conference Workshops (COMPSACW), 2013 IEEE 37th Annual
Conference_Location :
Japan
DOI :
10.1109/COMPSACW.2013.36
