Policy and implementation of an adaptive firewall
Proceedings 10th IEEE International Conference on Networks (ICON 2002). Towards Network Superiority (Cat. No.02EX588) - Trang 434-439
Tóm tắt
Firewalls are now an integral part of network security and a variety of architectures have been developed. These architectures, however, are normally static and offer little opportunity to adapt to common attacks or to take account of past behaviour. To date, development in modifiable firewall configurations has been very limited. We propose an extension to the semantics of stateful packet filtering systems that would allow data to be recalled, used and shared amongst packet filtering rules and applications. This new concept of rule adaptation permits management beyond connection tracking, incorporating the overall system state as well as the effects of multiple connections.
Từ khóa
#Filtering #Probes #Computer architecture #Protocols #Filters #Intrusion detection #Computer crime #Computer science #Computer security #Data securityTài liệu tham khảo
2001, Panda Antivirus for CVP Firewalls
2002, Psionic PortSentry
2002, Watchguard Network Security Handbook - Version 5 0
0, Snort - The Open Source Network Intrusion Detection System
2001, Dynamic Graphs of the Nimda Worm
russel, 0, The Netfilter/Iptables Project