A distributed firewall and active response architecture providing preemptive protection
Source ACM Southeast Regional Conference archive
Proceedings of the 46th Annual Southeast Regional Conference on XX
Auburn, Alabama
SESSION: Network and system security
Pages 220-225  
Year of Publication: 2008
ISBN:978-1-60558-105-7
Authors
J. Lane Thames  Georgia Institute of Technology, Savannah, GA
Randal Abler  Georgia Institute of Technology, Savannah, GA
David Keeling  Georgia Institute of Technology, Savannah, GA
Publisher
ACM  New York, NY, USA
DOI: http://doi.acm.org/10.1145/1593105.1593162

ABSTRACT

Firewalls provide very good network security features. However, classical perimeter firewall deployments suffer from limitations due to complex network topologies and the inability to completely trust insiders of the network. Distributed firewalls are designed for alleviating these limitations. Intrusion detection is a mature technology and is very powerful when coupled with active response, which is the act of responding to intrusions without the need of human advisory. This paper describes an architecture that implements a distributed firewall with distributed active response. A fundamental result of the architecture is that it can provide proactive and preemptive security for hosts that deploy the system. Using the open-source software framework, the software implementing this proposed system will be provided to the research community so that the architecture can be extended by other researchers and so that newcomers to network security can start investigating security concepts quickly.


