Article

Article title MATHEMATICAL MODEL OF INTRUSION-TOLERANT SECURITY SYSTEM ARCHITECTURE
Authors I.Yu. Polovko, E.S. Abramov
Section SECTION II. SECURITY OF INFORMATION SYSTEMS AND NETWORKS
Month, Year 11, 2010 @en
Index UDC 681.324
DOI
Abstract Given a network that deploys multiple firewalls and network intrusion detection systems (СОАs), ensuring that these security components are correctly configured is a challenging problem. Although models have been developed to reason independently about the effectiveness of firewalls and СОАs, there is no common framework to analyze their interaction. This paper presents an integrated, constraint-based approach for modeling and reasoning about these configurations. Our approach considers the dependencies among the two types of components, and can reason automatically about their combined behavior.

Download PDF

Keywords Formal specification and analysis; network intrusion detection; firewalls; network configuration and security.
References 1. Guttman J.D. Filtering postures: Local enforcement for global policies.
2. Guttman J.D., Herzog A.L. Rigorous automated network security man.
3. Com. 3Com Embedded Firewall. Software for the 3CR990 Network Interface Card (NIC) Family, Dec. – 2001.
4. Roesch M. Snort: Lightweight intrusion detection for networks.
5. Porras P., Neumann P. EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances. In Proceedings of the 20th National Information Systems Security Conference, Baltimore, MD, Oct. 1997. – Р. 353-365.
6. Cheadle M., Harvey W., Sadler A.J., Schimpf J., Shen K., Wallace M.G. ECLiPSe: An Introduction. Technical Report IC-Parc-03-1, IC-Parc, Imperial College London, 2003.

Comments are closed.