Title :
Analysis and design of an intrusion tolerance node for application in traffic shaping
Author :
Baik, Nam-Kyun ; Kang, Nam-hi ; Pak, Hyeon-Mee ; Sim, Won-Tae
Author_Institution :
IT Security Evaluation Div., KISA, Seoul
Abstract :
This study analyzes performance enhancement by proposing an intrusion tolerance technique for application to traffic shaping, which is implemented by token buckets or leaky buckets, in order to design a security node that can maintain a service by tolerating network-based denial of service attacks. As a result of the analysis, the transmission ratio of the normal traffic was increased significantly by preventing system down through input traffic adjustment and by reducing the loss ratio of the harmful traffic to a great extent, in order to sustain service availability. Consequently, the outcome of the study is expected to contribute to the design of an efficient security network structure that can resist network-based service denial attacks.
Keywords :
computer networks; telecommunication security; telecommunication traffic; intrusion tolerance node; network-based denial of service attacks; security network structure; traffic shaping; Application software; Bandwidth; Computer crime; Computer security; IP networks; Information analysis; Information security; Performance analysis; Telecommunication traffic; Traffic control; denial of service(DoS); intrusion tolerance; leaky bucket; token bucket; traffic shaping;
Conference_Titel :
Control, Automation and Systems, 2008. ICCAS 2008. International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-89-950038-9-3
Electronic_ISBN :
978-89-93215-01-4
DOI :
10.1109/ICCAS.2008.4694647