A study about dynamic intelligent network security systems to decrease by malicious traffic

Firewall and IPS(Intrusion Prevention System) do packet filtering as compare with the filtering rules that set up at security policies. This paper presents dynamic new plans to decrease by harm malice traffic for strengthening network security. It is the ways which designed at these papers. 1) The bypass passage that, first of all, is an enemy of authenticated packet at external routing. 2) Attack detection of an external router. 3) Bandwidth expansion. 4) It is attack information delivery to connected security system. 5) A generation of a filter. 6) Filtering rules setup of IPS and Firewall 7) Dynamic update of blocking filter 8 ) Dynamic network security system formation. Confirmed that it was to intelligent security system to decrease dynamic malice traffic through application of an idea about this way and the network test results at the paper.

[1]  Stefan Savage,et al.  Inside the Slammer Worm , 2003, IEEE Secur. Priv..

[2]  Jens Tölle,et al.  Meta IDS environments: an event message anomaly detection approach , 2005, Third IEEE International Workshop on Information Assurance (IWIA'05).

[3]  Ray Hunt,et al.  Reactive firewalls - a new technique , 2003, Comput. Commun..

[4]  Naoaki Yamanaka,et al.  A 10 Gb/s Firewall System for Network Security in Photonic Era , 2005, IEICE Trans. Commun..

[5]  Vern Paxson,et al.  Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context , 2005, DIMVA.

[6]  David Moore,et al.  Code-Red: a case study on the spread and victims of an internet worm , 2002, IMW '02.