A Defense Security Approach for Infrastructures against Hacking

Advances in communication technologies, as an underlying infrastructure, have become an essential aid to the business industry, easing access to information and the exchange of data. However, reliance on these technologies comes with great risk. One of the major security concerns is "hacking". Many security solutions have been suggested and practically deployed to reduce the risk of hacking. However, recent successful hacking attempts prove the inability of these systems to address that issue. We propose a dynamic security approach for the entire infrastructure that runs on the network layer. The conceptual design of this approach addresses hacking by providing ambiguity and obfuscation in the communication within the infrastructure, which targets the three pre-hacking steps.
