IBAN: intrusion blocker based on active networks

Cholter, W. La; Narasimhan, Priya; Sterne, D.; Balupari, R.; Djahandari, K.; Mani, Avinash Chandra; Murphy, Sandra

doi:10.1109/dance.2002.1003492

Cited by 9 publications

(3 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A drawback with this approach is that after detecting a DDoS flood by a sudden increase in packet distribution no further verification of the attack is done but immediately a rate limiter is installed on the active nodes. Another approach, IBAN [4], detects worm propagations based on active networks. Therefore, a management station distributes so called scanners on active networking edge routers.…”

Section: Related Workmentioning

confidence: 99%

An Extensible and Flexible System for Network Anomaly Detection

Gamer

Schöller

Bless

2006

Autonomic Networking

View full text Add to dashboard Cite

Network hazards like attacks or misbehaving nodes are still a great obstacle for network operators. Distributed denial of service attacks and worm propagations do not only affect the attacked nodes but also the network itself by wasting network resources. In wireless ad hoc networks even more hazards exist due to its self-organizing characteristic. A detection of such network hazards as early as possible enables a fast deployment of appropriate countermeasures and thereby significantly improves network operation. Our proposed detection system uses programmable network technology to deploy such a system within the network itself. Doing this without influencing the routing performance seriously demands a resource saving architecture. We therefore propose to use a hierarchical architecture which runs a very small basic stage all the time and loads specialized detection modules on demand to verify the network hazard. In this paper we introduce our system which can detect DDoS attacks, worm propagations, and wormhole attacks.

show abstract

Section: Related Workmentioning

confidence: 99%

An Extensible and Flexible System for Network Anomaly Detection

Gamer

Schöller

Bless

2006

Autonomic Networking

View full text Add to dashboard Cite

show abstract

“…Most of research on intrusion prevention focuses on preventing attacks on operating systems and computer networks [1], [2], [3], [4], [5]. Although auditing tools are , provided by most of popular DBMS and there are some works on database intrusion detection [6], [7], [8], [9], [10], [11], [12], [13], these methods focus on detecting attacks after the event, so they can not realize intrusion prevention for database.…”

Section: Introductionmentioning

confidence: 99%

D_DIPS: An Intrusion Prevention System for Database Security

Dai

Miao

2005

Information and Communications Security

View full text Add to dashboard Cite

Abstract. There is a growing security concern on the increasing number of databases that are accessible through the Internet because a variety of attacks do succeed to fool the existed database protection mechanisms in many applications. Defense-in-depth strategies like intrusion prevention is urgently needed for database security. Most of research on intrusion prevention focuses on preventing attacks on operating systems and computer networks. Few efforts have been put on database intrusion prevention. Design and implementation of a database intrusion prevention system D_DIPS is presented. The goal of D_DIPS is to detect attacks caused by malicious transactions and cancel them timely before they succeed. The D_DIPS prototype shows D_DIPS can detect and stop attacks of malicious transaction in real time with low false alarm rate.

show abstract

“…The Intrusion Blocker based on Active Networks (IBAN) [7] then it is regarded as suspicious, transferred to the suspicious queue, and an attack profile configured. The TAC then rate controls this suspicious traffic through a configurable filter function.…”

Section: Defeating Denial Of Service Attacksmentioning

confidence: 99%