Ensuring security in depth based on heterogeneous network security technologies

  • Regular Contribution
International Journal of Information Security

Abstract

With the explosive growth of Internet connectivity, which now includes not only end-hosts but also pervasive devices, security has become a requirement for enterprises. Although the research community has made a significant effort to develop defense techniques against security attacks, less focus has been given to managing security configuration efficiently. Network security devices, such as firewalls, intrusion detection and prevention systems, honeypots and vulnerability scanners, each operate as a stand-alone system for solving a particular security problem. Yet these devices are not necessarily independent. The focus of this work is a security infrastructure in which multiple security devices form a global security layer. Each component is defined with respect to the others and interacts dynamically and automatically with the other security devices in order to choose the best solution to launch to prevent the final malicious objective. Our solution aims at addressing, at the same time, the need for active defence, speed, reliability, accuracy and usability of the network.

Author information

Corresponding author

Correspondence to Meharouech Sourour.

About this article

Cite this article

Sourour, M., Adel, B. & Tarek, A. Ensuring security in depth based on heterogeneous network security technologies. Int. J. Inf. Secur. 8, 233–246 (2009). https://doi.org/10.1007/s10207-009-0077-2

  • DOI: https://doi.org/10.1007/s10207-009-0077-2
