Change search
ReferencesLink to record
Permanent link

Direct link
On the Self-Protection of Firewalls and Distributed Intrusion Detection Systems
Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science. Karlstad University, Faculty of Economic Sciences, Communication and IT, Centre for HumanIT.
2001 (English)Report (Refereed)
Abstract [en]

Distributed computing is performed by allowing a possibly large number of interconnected

entities to process distributed information. The complexity of these systems

increases the risk of exposing information to unauthorized parties and opens up the possibility

of new threats and new vulnerabilities. Thus, the security of the systems cannot be

provided by the local computer, but is dependent on the security of all the computers and

communication channels involved. In order to counter these new threats, security extensions,

such as firewalls and intrusion detection systems, are often added to the system.

However, to be more effective the extensions need to reflect the structure of the system

they should protect, i.e. they must cooperate or wherever appropriate be distributed themselves.

One aspect which is often neglected in this context is that the introduction of security

extensions may in itself introduce new vulnerabilities. This comes from the fact that

the extensions rely on sensitive information in order to work properly. Another aspect is

that commonly used operating systems do not provide a trustworthy platform for the security extensions, so the security can not be based on the security of the underlying system.

One way to solve this problem is to let the extension take care of its own protection, i.e. provide self-protection. This thesis addresses the self-protection problem and discusses the avoidance of the risks and dangers associated with the use of security extensions. One specific issue of self-protection is studied in particular, namely that of protecting the detection policy of a distributed intrusion detection system. A protection method using one-way functions is proposed.

Place, publisher, year, edition, pages
2001.
Series
, Technical Report 398L, Department of Computer Engineering, Chalmers University of Technology, SE-412 96 Göteborg, Sweden, 2001
National Category
Computer Science
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-22100OAI: oai:DiVA.org:kau-22100DiVA: diva2:595776
Available from: 2013-01-21 Created: 2013-01-21 Last updated: 2013-01-21

Open Access in DiVA

No full text

Search in DiVA

By author/editor
Hedbom, Hans
By organisation
Department of Computer ScienceCentre for HumanIT
Computer Science

Search outside of DiVA

GoogleGoogle Scholar

Total: 11 hits
ReferencesLink to record
Permanent link

Direct link