An integrated model for intranet security using prevention and detection techniques

This paper presents a new model for securing an intranet, connected to the Internet, based on a hybrid technique. The model integrates two security modules; the prevention module and the detection module. The proposed model provides a dynamic binding between the two modules. A comparison between the proposed model and the classical security techniques proved the effectiveness of the new model.

[1]  S.M. Bellovin,et al.  Network firewalls , 1994, IEEE Communications Magazine.

[2]  Harold S. Javitz,et al.  The SRI IDES statistical anomaly detector , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[3]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.

[4]  Biswanath Mukherjee,et al.  DIDS (distributed intrusion detection system)—motivation, architecture, and an early prototype , 1997 .

[5]  P. Samarati,et al.  Access control: principle and practice , 1994, IEEE Communications Magazine.

[6]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[7]  Todd L. Heberlein,et al.  Network intrusion detection , 1994, IEEE Network.