Skip to main content
SpringerLink
Log in

Concepts for Self-Protection

  • Chapter
  • First Online:
Autonomic Computing and Networking

Abstract

Network protection should be a number one priority on every network operator’s list. Even the best network is useless, if an intruder can gain control. Although the research community has been working in this field for decades, we are still at a far remove from networks where successful attacks are the exception. Scant deployment of security solutions is not the only reason. The fast evolution of protocols and applications and the permanent emergence of new attacks build an extremely dynamic environment in which protection becomes a tough challenge. Classical attack prevention techniques are not sufficient to deal with new and unexpected incidents. The immense administrative burden on users and providers calls for automation of security tasks and protection features as an integral part of future networks. However, network self-protection requires permanent awareness and the flexibility to re-act. Sophisticated observation and analysis techniques, cooperation, and information sharing together with learning concepts are crucial to achieve this goal. Autonomic communication provides a framework in which self-protection concepts can be developed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. AirCERT. http://aircert.sourceforge.net/.

  2. P. D. Amer and L. N. Cassel. Management of sampled real-time network measurements. In 14th Conference on Local Computer Networks, October 1989.

    Google Scholar 

  3. M. Badra. NETCONF over Transport Layer Security (TLS), February 2008. Internet Draft, work in progress.

    Google Scholar 

  4. S. Bansal and M. Baker. Observation-Based Cooperation Enforcement in ad hoc Networks, 2003.

    Google Scholar 

  5. M. Bjorklund (ed.). YANG – A data modeling language for NETCONF, January 2009. Internet Draft, work in progress.

    Google Scholar 

  6. H. Bos, W. de Bruijn, M. Cristea, T. Nguyen, and G. Portokalidis. FFPF: Fairly Fast Packet Filters. In Proceedings of OSDI’04, 2004.

    Google Scholar 

  7. S. Buchegger and J.-Y. L. Boudec. Performance analysis of the CONFIDANT protocol: Cooperation of nodes—fairness in dynamic ad-hoc networks. In Proceedings of IEEE/ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC), Lausanne, Switzerland, June 2002. IEEE.

    Google Scholar 

  8. J. Buford, R. Kumar, and G. Perkins. Composition trust bindings in pervasive computing service composition. In PERCOMW ’06: Proceedings of the 4th annual IEEE international conference on Pervasive Computing and ommunications Workshops, p. 261, Washington, DC, USA, 2006. IEEE Computer Society.

    Google Scholar 

  9. L. Buttyán and J. Hubaux. Nuglets: A Virtual Currency to Stimulate Cooperation in Self-Organized ad hoc Networks. Technical Report DSC/2001, 2001.

    Google Scholar 

  10. D. Chakraborty, A. Joshi, T. Finin, and Y. Yesha. Service composition for mobile environments. J. Mobile Netw. Appl., Special Issue on Mobile Services, 10(4): 435–451, January 2005.

    Google Scholar 

  11. B.-Y. Choi, J. Park, and Z.-L. Zhang. Adaptive random sampling for load change detection. SIGMETRICS Perform. Eval. Rev., 30(1): 272–273, 2002.

    Article  Google Scholar 

  12. K. C. Claffy, G. C. Polyzos, and H. W. Braun. Application of sampling methodologies to network traffic characterization. In ACM SIGCOMM, pp. 194–203, 1993.

    Google Scholar 

  13. B. Claise. Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information. RFC 5101 (Proposed Standard), January 2008.

    Google Scholar 

  14. E. M. J. Clarke, O. Grumberg, and D. A. Peled. Model Checking. The MIT Press, Cambridge, Massachusetts and London, England, 1999.

    Google Scholar 

  15. J. Coppens, S. D. Smet, S. V. den Berghe, F. D. Turck, and P. Demeester. Performance evaluation of a probabilistic packet filter optimization algorithm for high-speed network monitoring. In HSNMC, pp. 120–131, 2004.

    Google Scholar 

  16. The DAG project. http://dag.cs.waikato.ac.nz.

  17. L. Deri. nprobe: an open source netflow probe for gigabit networks. In Proc. of Terena TNC2003, 2003.

    Google Scholar 

  18. S. Dobson, S. Denazis, A. Fernàndez, D. Gaàti, E. Gelenbe, F. Massacci, P. Nixon, F. Saffre, N. Schmidt, and F. Zambonelli. A survey of autonomic communications. ACM Trans. Auton. Adapt. Syst., 1(2): 223–259, 2006.

    Article  Google Scholar 

  19. J. Drobisz and K. J. Christensen. Adaptive sampling methods to determine network traffic statistics including the hurst parameter. In LCN, pp. 238–248, 1998.

    Google Scholar 

  20. N. Duffield. Sampling for passive internet measurement: A review. In Statistical Science, Vol. 19, pp. 472–498, 2004.

    Article  MATH  MathSciNet  Google Scholar 

  21. N. Duffield, C. Lund, and M. Thorup. Charging from sampled network usage. In Proc. Internet Measurement Workshop, November 2001.

    Google Scholar 

  22. N. Duffield, C. Lund, and M. Thorup. Properties and prediction of flow statistics from sampled packet streams. In ACM SIGCOMM Internet Measurement Workshop, 2002.

    Google Scholar 

  23. N. G. Duffield and M. Grossglauser. Trajectory sampling for direct traffic observation. In SIGCOMM, pp. 271–282, 2000.

    Google Scholar 

  24. S. Dustdar and W. Schreiner. A survey on web services composition. IJWGS, 1(1): 1–30, 2005.

    Article  Google Scholar 

  25. Endace measurement systems. http://www.endace.com.

  26. R. Enns. NETCONF Configuration Protocol. RFC 4741 (Proposed Standard), December 2006.

    Google Scholar 

  27. F. Ergun, S. Mittra, S. C. Sahinalp, J. Sharp, and R. K. Sinha. A dynamic lookup scheme for bursty access patterns. In INFOCOM, pp. 1444–1453, 2001.

    Google Scholar 

  28. C. Estan, K. Keys, D. Moore, and G. Varghese. Building a better NetFlow. In SIGCOMM, 2004.

    Google Scholar 

  29. C. Estan and G. Varghese. New directions in traffic measurement and accounting: focusing on the elephants, ignoring the mice. ACM Trans. Comput. Syst., 21(3): 270–313, 2003.

    Article  Google Scholar 

  30. W. Fang and L. Peterson. Inter-as traffic patterns and their implications. In Global Telecommunications Conference, December 1999.

    Google Scholar 

  31. A. Feldmann and S. Muthukrishnan. Tradeoffs for packet classification. In INFOCOM, pp. 1193–1202, 2000.

    Google Scholar 

  32. R. T. Fielding. Architectural Styles and the Design of Network-based Software Architectures. PhD thesis, University of California, Irvine, 2000.

    Google Scholar 

  33. C. Fraleigh, C. Diot, B. Lyles, S. Moon, P. Owezarski, D. Papagiannaki, and F. Tobagi. Design and deployment of a passive monitoring infrastructure. Lecture Notes in Computer Science, 2170: 556+, 2001.

    Article  Google Scholar 

  34. T. Goddard. Using NETCONF over the Simple Object Access Protocol (SOAP). RFC 4743 (Proposed Standard), December 2006.

    Google Scholar 

  35. I. D. Graham, S. F. Donnelly, S. Martin, J. Martens, and J. G. Cleary. Nonintrusive and accurate measurement of unidirectional delay and delay variation on the internet. In INET, 1998.

    Google Scholar 

  36. N. Hohn and D. Veitch. Inverting sampled traffic. ACM SIGCOMM internet measurement conference (IMC 2003), Miami Beach, Florida, USA, October 2003.

    Google Scholar 

  37. G. Iannaccone, C. Diot, I. Graham, and N. McKeown. Monitoring very high speed links. In ACM Internet Measurement Workshop, 2001.

    Google Scholar 

  38. IBM. An architectural blueprint for autonomic computing. white paper, IBM, 2006.

    Google Scholar 

  39. C. Jacob, H. Pfeffer, L. Zhang, and S. Steglich. Establishing service communities in peer-to-peer networks. In 1st IEEE International Peer-to-Peer for Handheld Devices Workshop CCNC 2008, Las Vegas, NV, USA, January 10–12 2008.

    Google Scholar 

  40. J. Koehler, C. Giblin, D. Gantenbein, and R. Hauser. On Autonomic Computing Architectures, 2003.

    Google Scholar 

  41. A. Kumar, J. Xu, J. Wang, O. Spatscheck, and L. Li. Space-code bloom filter for efficient per-flow traffic measurement. In Infocom, 2004.

    Google Scholar 

  42. E. Lear and K. Crozier. Using the NETCONF Protocol over the Blocks Extensible Exchange Protocol (BEEP). RFC 4744 (Proposed Standard), December 2006.

    Google Scholar 

  43. D. Linner, H. Pfeffer, A. Kress, S. Kruessel, and S. Steglich. SmartWare, 2008.

    Google Scholar 

  44. D. Linner, H. Pfeffer, I. Radusch, and S. Steglich. Biology as Inspiration towards a new Service Life-Cycle. In Proceedings of the 4th IEEE International Conference on Autonomic and Trusted Computing (ATC’07), ISBN: 978-3-540-73546-5, pp. 94–102, Hong Kong, China, July 11–13 2007.

    Google Scholar 

  45. D. Linner, H. Pfeffer, and S. Steglich. A genetic algorithm for the adaptation of service compositions. In Proceedings of the 2nd International Conference on Bio-Inspired Models of Network, Information, and Computing Systems, 2007.

    Google Scholar 

  46. D. Linner, I. Radusch, S. Steglich, and C. Jacob. The semantic data space for loosely coupled service provisioning.In ISADS ’07: Proceedings of the Eighth International Symposium on Autonomous Decentralized Systems, pp. 97–104, Washington, DC, USA, 2007. IEEE Computer Society.

    Google Scholar 

  47. S. McCanne, V. Jacobson, C. Leres. tcpdump manual page, 2001. Lawrence Berkeley National Laboratory, University of California, Berkeley, CA, USA.

    Google Scholar 

  48. B. Miller. The Autonomic Computing Edge: Can you Chop Up Autonomic Computing? Technical report, IBM, 2008. available at http://www.ibm.com/developerworks/autonomic/library/ac-edge4/.

  49. G. Muenz and B. Claise. Configuration Data Model for IPFIX and PSAMP, November 2008. Internet Draft, work in progress.

    Google Scholar 

  50. J.-Y. Pan, S. Seshan, and C. Faloutsos. FastCARS: Fast, Correlation-Aware Sampling for Network Data Mining. In Proceedings of IEEE GlobeCOM 2002 – Global Internet Symposium, 2002.

    Google Scholar 

  51. A. Patcha and J.-M. Park. An overview of anomaly detection techniques: existing solutions and latest technological trends. Comput. Netw., 51(12): 3448–3470, 2007.

    Article  Google Scholar 

  52. H. Pfeffer, D. Linner, I. Radusch, and S. Steglich. The bio-inspired Service Life-Cycle: an overview. In Proceedings of the 3rd IEEE International Conference on Autonomic and Autonomous Systems (ICAS’07), Athens, Greece, June 19–15 2007.

    Google Scholar 

  53. A. Pietzowski, B. Satzger, W. Trumler, and T. Ungerer. A bio-inspired approach for self-protecting an organic middleware with artificial antibodies. In IWSOS/EuroNGI, pp. 202–215, 2006.

    Google Scholar 

  54. A. Pietzowski, B. Satzger, W. Trumler, and T. Ungerer. Using positive and negative selection from immunology for detection of anomalies in a self-protecting middleware. In 36th annual conference of the Gesellschaft für Informatik e.V. (GI), Informatik für Menschen, INFORMATIK 2006, Vol. P-93 of LNI, Dresden, Germany, October 2006.

    Google Scholar 

  55. A. Pietzowski, W. Trumler, and T. Ungerer. An artificial immune system and its integration into an organic middleware for self-protection. In M. Cattolico (ed.), GECCO, pp. 129–130. ACM, 2006.

    Google Scholar 

  56. J. Rao and X. Su. A survey of automated web service composition methods. In SWSWPC, pp. 43–54, 2004.

    Google Scholar 

  57. C. Schmoll. Dynamically configurable network meter for accounting in ip-based networks. Diploma thesis, Technical University Berlin, December 2001.

    Google Scholar 

  58. SNORT. http://www.snort.org/.

  59. V. Srinivasan. A packet classification and filter management system. In INFOCOM, pp. 1464–1473, 2001.

    Google Scholar 

  60. R. Sterritt and D. Bustard. Towards an autonomic computing environment. In DEXA ’03: Proceedings of the 14th International Workshop on Database and Expert Systems Applications, p. 699, Washington, DC, USA, 2003. IEEE Computer Society.

    Google Scholar 

  61. R. Sterritt, M. Parashar, H. Tianfield, and R. Unland. A concise introduction to autonomic computing. Advanced Engineering Informatics, 19(3): 181–187, 2005.

    Article  Google Scholar 

  62. M. P. Stoecklin, A. Kind, and J.-Y. L. Boudec. Dynamic adaptation of flow information granularity for incident analysis. In CERT FloCon Workshop, 2008.

    Google Scholar 

  63. B. Trammell, E. Boschi, L. Mark, T. Zseby, and A. Wagner. An ipfix-based file format, October 2008. Internet Draft, work in progress.

    Google Scholar 

  64. P. R. Warkhede, S. Suri, and G. Varghese. Fast packet classification for two-dimensional conflict-free filters. In INFOCOM, pp. 1434–1443, 2001.

    Google Scholar 

  65. M. Wasserman and T. Goddard. Using the NETCONF Configuration Protocol over Secure SHell (SSH). RFC 4742 (Proposed Standard), December 2006.

    Google Scholar 

  66. T. Y. C. Woo. A modular approach to packet classification: Algorithms and results. In INFOCOM, pp. 1213–1222, 2000.

    Google Scholar 

  67. S. Zhong, Y. Yang, and J. Chen. Sprite: A Simple, Cheat-Proof, Credit-Based System for Mobile ad hoc Networks, 2002.

    Google Scholar 

  68. T. Zseby, E. Boschi, N. Brownlee, and B. Claise. IPFIX Applicability, June 2007. Internet Draft, work in progress.

    Google Scholar 

  69. T. Zseby, T. Hirsch, and B. Claise. Packet sampling for flow accounting: challenges and limitations. In Ninth Passive and Active Measurement conference (PAM), April 2008.

    Google Scholar 

  70. T. Zseby, M. Molina, N. Duffield, S. Niccolini, and F. Raspall. Sampling and Filtering Techniques for IP Packet Selection, July 2008. Internet Draft, work in progress.

    Google Scholar 

  71. T. Zseby, S. Zander, and G. Carle. Evaluation of building blocks for passive one-way-delay measurements. In Proceedings of Passive and Active Measurement Workshop (PAM 2001), April 2001.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Fraunhofer Institute Fokus, Berlin, Germany

    Tanja Zseby, Heiko Pfeffer & Stephan Steglich

Authors
  1. Tanja Zseby
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Heiko Pfeffer
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stephan Steglich
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tanja Zseby .

Editor information

Editors and Affiliations

    Rights and permissions

    Reprints and permissions

    Copyright information

    © 2009 Springer-Verlag US

    About this chapter

    Cite this chapter

    Zseby, T., Pfeffer, H., Steglich, S. (2009). Concepts for Self-Protection. In: Zhang, Y., Yang, L., Denko, M. (eds) Autonomic Computing and Networking. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-89828-5_15

    Download citation

    • DOI: https://doi.org/10.1007/978-0-387-89828-5_15

    • Published:

    • Publisher Name: Springer, Boston, MA

    • Print ISBN: 978-0-387-89827-8

    • Online ISBN: 978-0-387-89828-5

    • eBook Packages: EngineeringEngineering (R0)

    Publish with us

    Policies and ethics

    Search

    Navigation