Secure Vault: An Intrusion Prevention Model for Ender-Users

In order to provide sufficient protection against increasingly sophisticated cyber-attacks, intrusion prevention system (IPS) is explored. But in some cases, common IPS can not provide timely protection ideally for moveable end-users in a public open network environment. Therefore, we propose a secure vault model. It mainly consists of two parts: vault sensor and secure manor. In our model, a end-user in Internet can connect a network-based IPS engine conveniently. Because of secure manor introduced, all sophisticated traffics of user are protected in a close operating environment and go on in security. We describe the principle of secure vault and how to implement such model. Especially, we detail the structure of secure manor, which is the core of our model. Finally, the performance is discussed by an experiment.

[1]  Andreas Fuchsberger,et al.  Intrusion Detection Systems and Intrusion Prevention Systems , 2005, Inf. Secur. Tech. Rep..

[2]  Wenbin Zheng,et al.  Intrusion prevention system design , 2004, The Fourth International Conference onComputer and Information Technology, 2004. CIT '04..

[3]  Darko Kirovski,et al.  A Hardware-Software Platform for Intrusion Prevention , 2004, 37th International Symposium on Microarchitecture (MICRO-37'04).

[4]  Glenn Durfee,et al.  Practical Uses of Virtual Machines for Protection of Sensitive User Data , 2007, ISPEC.

[5]  G. Clark,et al.  Reference , 2008 .

[6]  Evangelos P. Markatos,et al.  An active splitter architecture for intrusion detection and prevention , 2006, IEEE Transactions on Dependable and Secure Computing.

[7]  Reoven Cohen On the establishment of an access VPN in broadband access networks , 2003, IEEE Commun. Mag..