| Summary: | 碩士 === 東海大學 === 資訊工程與科學系 === 93 === For integrated security, we often integrate several network security systems such as firewall and intrusion detection system as a defensive system to prevent our information system being intruded. But according to current developed technology and practical situation, network administrator and the defensive system still have to work cooperatively to block intruders. In order to make the defensive system more sensitive and automatic and let it response to intrusions correctly, it will be the major objective for this project to research and design a secure, efficient and intelligent defensive system.
The intelligent defensive system is composed of the following parts.
Firewall dispatcher: As the network activities grown up, firewall often become a bottleneck of network communication. Some attacking tricks, like DOS, will make the problem more serious. And when firewall system can not handle the increasing network communications, it will take much of time and cost a lot. If we can use the concept similar to cluster, we replace a single expensive firewall by a group of general firewalls and let them have the same function. The expansibility of firewall will be very elastic. So, our research objective will be how to dispatch the jobs into firewall group approaching the concept of load balance.
Self-adapting rule system: Although the intrusion detection system can provide the information about attacks for network administrator, but the administrator still have to change the firewall rules by himself to block the intruders. It will be minute and complicated and the chance to defend just in time will be lost. If the intrusion detection system can dynamically and automatically change the rules of firewall in order to block the attacker as quickly as possible when find alerts of attacks, it will make the defensive system more intelligent responding to attacks.
|
|---|
