Adaptive security in computer networks

Posted on:2010-08-27

Degree:Ph.D

Type:Dissertation

University:Southern Illinois University at Carbondale

Candidate:Soewito, Benfano

Full Text:PDF

GTID:1448390002988078

Subject:Computer Science

Abstract/Summary:

Even-changing attacks require computer networks to continuously adapt to provide confidentiality, availability, and integrity for diverse system connected through them. If network security system could be dynamically reconfigured for new attacks, techniques and algorithms, computer networks would be able to provide better protection. The key challenge to achieve this adaptability is due to the lacking adaptive framework which can simultaneously consider underlying hardware platform, algorithms processing complexity, and integrating them together.;This dissertation presents a adaptive framework for Network Intrusion Detection System with the capability to detect unknown attacks, reconfigurable to new technologies, adaptable to network traffic, and easily updating. The key idea is by adding network analyzers and interdisciplinary several network security techniques into a system. The network analyzers analyze network traffic to know the characteristic of the network traffic over the time by analyzing the packets header and payload. Using this network characteristic information, a suitable intrusion detection system will be constructed.;In this dissertation, I introduce the implementation of intrusion detection system on FPGA, multiprocessor, and memory with packet pre-filtering base on part of pattern. In FPGA, the methodology to construct a high performance string matching engine was introduced. Various techniques, including multi-threading FSM design, partitioning FSM, and a novel high-speed FSM interface circuit, are developed to improve the performance of the string matching circuits. In multiprocessor, I present a workload mapping methodology for multi-core (Network Processor) security systems using a comprehensive simulation framework. With this methodology, the network engineers can be utilize the multi-core without knowledge the complicated of multi-core programming. In memory-based, I present the technique to reduce the huge memory requirement for finite state machine using state coding.;Using this framework methodology, network engineers can evaluate run-time characteristic network traffic and integrate security technologies to NIDS. Without this methodology, it will be very difficult if not impossible.

Keywords/Search Tags:

Network, Security, Computer, System, Methodology, Adaptive

Related items

1	Computer Network Security Design And Research
2	A methodology for the design of complex computer systems in agriculture and aquaculture
3	AN ADAPTIVE DECISION MAKING METHODOLOGY FOR MATERIAL HANDLING EQUIPMENT IN A COMPUTER INTEGRATED MANUFACTURING SYSTEM (CIMS, ROBOT, OPERATIONAL)
4	Enterprise Computer System Safety Improvement Progress
5	Research On Hierarchical Computer Network Security Evaluation And Protection System
6	Scalable Methodology for Performance-based Selection of Security Services for Distributed Systems
7	Design And Establishment Of The Computer Network Security Management System In Vocational Colleges
8	A methodology for the evaluation of the human-computer interface of medical expert systems
9	The Research And Implementation Of General Security Management System In Mobile Data Communication Networks
10	Construction Bank Of Computer Network Information System Security Management Strategy Study