Self-Organized Network Security Facilities based on Bio-inspired Promoters and Inhibitors

  • Chapter
Advances in Biologically Inspired Information Systems

Part of the book series: Studies in Computational Intelligence (SCI, volume 69)

Self-organization techniques based on promoters and inhibitors have been intensively studied in biological systems. Promoters enable an on-demand amplification of reactions to a particular cause, which allows a quick reaction with appropriate countermeasures. Inhibitors, on the other hand, are capable of regulating this uncontrolled amplification by suppressing the reaction. In this paper, we demonstrate the applicability of these mechanisms in a network security scenario consisting of network monitoring elements, attack detection, and firewall devices. Previous work identified most existing detection approaches as unsuitable for high-speed networks. This problem can be alleviated by separating the methodologies for network monitoring and for subsequent data analysis. In this paper, we present an adaptation algorithm that manages the individual configuration parameters in order to optimize the overall system. We show the advantages of self-regulating techniques based on promoters and inhibitors, which lead to maximized security and degrade gracefully in overload situations. We created a simulation model to verify the algorithms. The results of the conducted simulations encourage further studies in this field.



© 2007 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Dressler, F. (2007). Self-Organized Network Security Facilities based on Bio-inspired Promoters and Inhibitors. In: Dressler, F., Carreras, I. (eds) Advances in Biologically Inspired Information Systems. Studies in Computational Intelligence, vol 69. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72693-7_5

  • DOI: https://doi.org/10.1007/978-3-540-72693-7_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-72692-0

  • Online ISBN: 978-3-540-72693-7

  • eBook Packages: Engineering, Engineering (R0)
