Abstract
With the explosive growth of Internet connectivity, which now includes not only end-hosts but also pervasive devices, security has become a requirement for enterprises. Although the research community has made a significant effort to develop defense techniques against security attacks, less attention has been given to managing security configuration efficiently. Network security devices, such as firewalls, intrusion detection and prevention systems, honeypots and vulnerability scanners, each operate as a stand-alone system for solving a particular security problem. Yet these devices are not necessarily independent. This work focuses on a security infrastructure in which multiple security devices form a global security layer. Each component is defined with respect to the others and interacts dynamically and automatically with the other security devices in order to choose the best solution to launch to prevent the final malicious objective. Our solution aims to address, at the same time, the need for active defence, speed, reliability, accuracy and usability of the network.
Sourour, M., Adel, B. & Tarek, A. Ensuring security in depth based on heterogeneous network security technologies. Int. J. Inf. Secur. 8, 233–246 (2009). https://doi.org/10.1007/s10207-009-0077-2
DOI: https://doi.org/10.1007/s10207-009-0077-2