Abstract
Network protection should be a number one priority on every network operator’s list. Even the best network is useless, if an intruder can gain control. Although the research community has been working in this field for decades, we are still at a far remove from networks where successful attacks are the exception. Scant deployment of security solutions is not the only reason. The fast evolution of protocols and applications and the permanent emergence of new attacks build an extremely dynamic environment in which protection becomes a tough challenge. Classical attack prevention techniques are not sufficient to deal with new and unexpected incidents. The immense administrative burden on users and providers calls for automation of security tasks and protection features as an integral part of future networks. However, network self-protection requires permanent awareness and the flexibility to re-act. Sophisticated observation and analysis techniques, cooperation, and information sharing together with learning concepts are crucial to achieve this goal. Autonomic communication provides a framework in which self-protection concepts can be developed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
AirCERT. http://aircert.sourceforge.net/.
P. D. Amer and L. N. Cassel. Management of sampled real-time network measurements. In 14th Conference on Local Computer Networks, October 1989.
M. Badra. NETCONF over Transport Layer Security (TLS), February 2008. Internet Draft, work in progress.
S. Bansal and M. Baker. Observation-Based Cooperation Enforcement in ad hoc Networks, 2003.
M. Bjorklund (ed.). YANG – A data modeling language for NETCONF, January 2009. Internet Draft, work in progress.
H. Bos, W. de Bruijn, M. Cristea, T. Nguyen, and G. Portokalidis. FFPF: Fairly Fast Packet Filters. In Proceedings of OSDI’04, 2004.
S. Buchegger and J.-Y. L. Boudec. Performance analysis of the CONFIDANT protocol: Cooperation of nodes—fairness in dynamic ad-hoc networks. In Proceedings of IEEE/ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC), Lausanne, Switzerland, June 2002. IEEE.
J. Buford, R. Kumar, and G. Perkins. Composition trust bindings in pervasive computing service composition. In PERCOMW ’06: Proceedings of the 4th annual IEEE international conference on Pervasive Computing and ommunications Workshops, p. 261, Washington, DC, USA, 2006. IEEE Computer Society.
L. Buttyán and J. Hubaux. Nuglets: A Virtual Currency to Stimulate Cooperation in Self-Organized ad hoc Networks. Technical Report DSC/2001, 2001.
D. Chakraborty, A. Joshi, T. Finin, and Y. Yesha. Service composition for mobile environments. J. Mobile Netw. Appl., Special Issue on Mobile Services, 10(4): 435–451, January 2005.
B.-Y. Choi, J. Park, and Z.-L. Zhang. Adaptive random sampling for load change detection. SIGMETRICS Perform. Eval. Rev., 30(1): 272–273, 2002.
K. C. Claffy, G. C. Polyzos, and H. W. Braun. Application of sampling methodologies to network traffic characterization. In ACM SIGCOMM, pp. 194–203, 1993.
B. Claise. Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information. RFC 5101 (Proposed Standard), January 2008.
E. M. J. Clarke, O. Grumberg, and D. A. Peled. Model Checking. The MIT Press, Cambridge, Massachusetts and London, England, 1999.
J. Coppens, S. D. Smet, S. V. den Berghe, F. D. Turck, and P. Demeester. Performance evaluation of a probabilistic packet filter optimization algorithm for high-speed network monitoring. In HSNMC, pp. 120–131, 2004.
The DAG project. http://dag.cs.waikato.ac.nz.
L. Deri. nprobe: an open source netflow probe for gigabit networks. In Proc. of Terena TNC2003, 2003.
S. Dobson, S. Denazis, A. Fernà ndez, D. Gaà ti, E. Gelenbe, F. Massacci, P. Nixon, F. Saffre, N. Schmidt, and F. Zambonelli. A survey of autonomic communications. ACM Trans. Auton. Adapt. Syst., 1(2): 223–259, 2006.
J. Drobisz and K. J. Christensen. Adaptive sampling methods to determine network traffic statistics including the hurst parameter. In LCN, pp. 238–248, 1998.
N. Duffield. Sampling for passive internet measurement: A review. In Statistical Science, Vol. 19, pp. 472–498, 2004.
N. Duffield, C. Lund, and M. Thorup. Charging from sampled network usage. In Proc. Internet Measurement Workshop, November 2001.
N. Duffield, C. Lund, and M. Thorup. Properties and prediction of flow statistics from sampled packet streams. In ACM SIGCOMM Internet Measurement Workshop, 2002.
N. G. Duffield and M. Grossglauser. Trajectory sampling for direct traffic observation. In SIGCOMM, pp. 271–282, 2000.
S. Dustdar and W. Schreiner. A survey on web services composition. IJWGS, 1(1): 1–30, 2005.
Endace measurement systems. http://www.endace.com.
R. Enns. NETCONF Configuration Protocol. RFC 4741 (Proposed Standard), December 2006.
F. Ergun, S. Mittra, S. C. Sahinalp, J. Sharp, and R. K. Sinha. A dynamic lookup scheme for bursty access patterns. In INFOCOM, pp. 1444–1453, 2001.
C. Estan, K. Keys, D. Moore, and G. Varghese. Building a better NetFlow. In SIGCOMM, 2004.
C. Estan and G. Varghese. New directions in traffic measurement and accounting: focusing on the elephants, ignoring the mice. ACM Trans. Comput. Syst., 21(3): 270–313, 2003.
W. Fang and L. Peterson. Inter-as traffic patterns and their implications. In Global Telecommunications Conference, December 1999.
A. Feldmann and S. Muthukrishnan. Tradeoffs for packet classification. In INFOCOM, pp. 1193–1202, 2000.
R. T. Fielding. Architectural Styles and the Design of Network-based Software Architectures. PhD thesis, University of California, Irvine, 2000.
C. Fraleigh, C. Diot, B. Lyles, S. Moon, P. Owezarski, D. Papagiannaki, and F. Tobagi. Design and deployment of a passive monitoring infrastructure. Lecture Notes in Computer Science, 2170: 556+, 2001.
T. Goddard. Using NETCONF over the Simple Object Access Protocol (SOAP). RFC 4743 (Proposed Standard), December 2006.
I. D. Graham, S. F. Donnelly, S. Martin, J. Martens, and J. G. Cleary. Nonintrusive and accurate measurement of unidirectional delay and delay variation on the internet. In INET, 1998.
N. Hohn and D. Veitch. Inverting sampled traffic. ACM SIGCOMM internet measurement conference (IMC 2003), Miami Beach, Florida, USA, October 2003.
G. Iannaccone, C. Diot, I. Graham, and N. McKeown. Monitoring very high speed links. In ACM Internet Measurement Workshop, 2001.
IBM. An architectural blueprint for autonomic computing. white paper, IBM, 2006.
C. Jacob, H. Pfeffer, L. Zhang, and S. Steglich. Establishing service communities in peer-to-peer networks. In 1st IEEE International Peer-to-Peer for Handheld Devices Workshop CCNC 2008, Las Vegas, NV, USA, January 10–12 2008.
J. Koehler, C. Giblin, D. Gantenbein, and R. Hauser. On Autonomic Computing Architectures, 2003.
A. Kumar, J. Xu, J. Wang, O. Spatscheck, and L. Li. Space-code bloom filter for efficient per-flow traffic measurement. In Infocom, 2004.
E. Lear and K. Crozier. Using the NETCONF Protocol over the Blocks Extensible Exchange Protocol (BEEP). RFC 4744 (Proposed Standard), December 2006.
D. Linner, H. Pfeffer, A. Kress, S. Kruessel, and S. Steglich. SmartWare, 2008.
D. Linner, H. Pfeffer, I. Radusch, and S. Steglich. Biology as Inspiration towards a new Service Life-Cycle. In Proceedings of the 4th IEEE International Conference on Autonomic and Trusted Computing (ATC’07), ISBN: 978-3-540-73546-5, pp. 94–102, Hong Kong, China, July 11–13 2007.
D. Linner, H. Pfeffer, and S. Steglich. A genetic algorithm for the adaptation of service compositions. In Proceedings of the 2nd International Conference on Bio-Inspired Models of Network, Information, and Computing Systems, 2007.
D. Linner, I. Radusch, S. Steglich, and C. Jacob. The semantic data space for loosely coupled service provisioning.In ISADS ’07: Proceedings of the Eighth International Symposium on Autonomous Decentralized Systems, pp. 97–104, Washington, DC, USA, 2007. IEEE Computer Society.
S. McCanne, V. Jacobson, C. Leres. tcpdump manual page, 2001. Lawrence Berkeley National Laboratory, University of California, Berkeley, CA, USA.
B. Miller. The Autonomic Computing Edge: Can you Chop Up Autonomic Computing? Technical report, IBM, 2008. available at http://www.ibm.com/developerworks/autonomic/library/ac-edge4/.
G. Muenz and B. Claise. Configuration Data Model for IPFIX and PSAMP, November 2008. Internet Draft, work in progress.
J.-Y. Pan, S. Seshan, and C. Faloutsos. FastCARS: Fast, Correlation-Aware Sampling for Network Data Mining. In Proceedings of IEEE GlobeCOM 2002 – Global Internet Symposium, 2002.
A. Patcha and J.-M. Park. An overview of anomaly detection techniques: existing solutions and latest technological trends. Comput. Netw., 51(12): 3448–3470, 2007.
H. Pfeffer, D. Linner, I. Radusch, and S. Steglich. The bio-inspired Service Life-Cycle: an overview. In Proceedings of the 3rd IEEE International Conference on Autonomic and Autonomous Systems (ICAS’07), Athens, Greece, June 19–15 2007.
A. Pietzowski, B. Satzger, W. Trumler, and T. Ungerer. A bio-inspired approach for self-protecting an organic middleware with artificial antibodies. In IWSOS/EuroNGI, pp. 202–215, 2006.
A. Pietzowski, B. Satzger, W. Trumler, and T. Ungerer. Using positive and negative selection from immunology for detection of anomalies in a self-protecting middleware. In 36th annual conference of the Gesellschaft für Informatik e.V. (GI), Informatik für Menschen, INFORMATIK 2006, Vol. P-93 of LNI, Dresden, Germany, October 2006.
A. Pietzowski, W. Trumler, and T. Ungerer. An artificial immune system and its integration into an organic middleware for self-protection. In M. Cattolico (ed.), GECCO, pp. 129–130. ACM, 2006.
J. Rao and X. Su. A survey of automated web service composition methods. In SWSWPC, pp. 43–54, 2004.
C. Schmoll. Dynamically configurable network meter for accounting in ip-based networks. Diploma thesis, Technical University Berlin, December 2001.
SNORT. http://www.snort.org/.
V. Srinivasan. A packet classification and filter management system. In INFOCOM, pp. 1464–1473, 2001.
R. Sterritt and D. Bustard. Towards an autonomic computing environment. In DEXA ’03: Proceedings of the 14th International Workshop on Database and Expert Systems Applications, p. 699, Washington, DC, USA, 2003. IEEE Computer Society.
R. Sterritt, M. Parashar, H. Tianfield, and R. Unland. A concise introduction to autonomic computing. Advanced Engineering Informatics, 19(3): 181–187, 2005.
M. P. Stoecklin, A. Kind, and J.-Y. L. Boudec. Dynamic adaptation of flow information granularity for incident analysis. In CERT FloCon Workshop, 2008.
B. Trammell, E. Boschi, L. Mark, T. Zseby, and A. Wagner. An ipfix-based file format, October 2008. Internet Draft, work in progress.
P. R. Warkhede, S. Suri, and G. Varghese. Fast packet classification for two-dimensional conflict-free filters. In INFOCOM, pp. 1434–1443, 2001.
M. Wasserman and T. Goddard. Using the NETCONF Configuration Protocol over Secure SHell (SSH). RFC 4742 (Proposed Standard), December 2006.
T. Y. C. Woo. A modular approach to packet classification: Algorithms and results. In INFOCOM, pp. 1213–1222, 2000.
S. Zhong, Y. Yang, and J. Chen. Sprite: A Simple, Cheat-Proof, Credit-Based System for Mobile ad hoc Networks, 2002.
T. Zseby, E. Boschi, N. Brownlee, and B. Claise. IPFIX Applicability, June 2007. Internet Draft, work in progress.
T. Zseby, T. Hirsch, and B. Claise. Packet sampling for flow accounting: challenges and limitations. In Ninth Passive and Active Measurement conference (PAM), April 2008.
T. Zseby, M. Molina, N. Duffield, S. Niccolini, and F. Raspall. Sampling and Filtering Techniques for IP Packet Selection, July 2008. Internet Draft, work in progress.
T. Zseby, S. Zander, and G. Carle. Evaluation of building blocks for passive one-way-delay measurements. In Proceedings of Passive and Active Measurement Workshop (PAM 2001), April 2001.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag US
About this chapter
Cite this chapter
Zseby, T., Pfeffer, H., Steglich, S. (2009). Concepts for Self-Protection. In: Zhang, Y., Yang, L., Denko, M. (eds) Autonomic Computing and Networking. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-89828-5_15
Download citation
DOI: https://doi.org/10.1007/978-0-387-89828-5_15
Published:
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-89827-8
Online ISBN: 978-0-387-89828-5
eBook Packages: EngineeringEngineering (R0)