Zijian Cao
Xi�an Technological University, Xi`an, 710021, China
Xiaofeng Rong
Xi�an Technological University, Xi`an, 710021, China
ABSTRACT
In order to solve the disadvantages of Intrusion Detection System (IDS) mainly based on audit tracing and the lack of active and real-time access control ability, this article puts forward a new interactive collaboration response model which combined both detection function of IDS and access control function of firewall. It researched linkage system model using of system call and rule pattern match, designed a IDS based on system call and rule pattern match, introduced the key techniques of linkage about IDS and firewall and proposed the overall implementation process of the linkage. This study has certain instructional significance to the further application and development of the intrusion detection technology.
PDF References Citation
How to cite this article
Zijian Cao and Xiaofeng Rong, 2013. A Mechanism of Intrusion Detection System Cooperating with Firewall. Information Technology Journal, 12: 6449-6454.
DOI: 10.3923/itj.2013.6449.6454
URL: https://scialert.net/abstract/?doi=itj.2013.6449.6454
DOI: 10.3923/itj.2013.6449.6454
URL: https://scialert.net/abstract/?doi=itj.2013.6449.6454
REFERENCES
- Denning, D.E., 1987. An intrusion-detection model. IEEE Trans. Software Eng., SE-13: 222-232.
CrossRef - Feng, H.H., O.M. Kolesnikov, P. Fogla, W. Lee and W. Gong, 2003. Anomaly detection using call stack information. Proceedings of the IEEE Symposium on Security and Privacy, May 11-14, 2003, Berkeley, CA., USA., pp: 62-75.
CrossRef - Feng, H.H., J.T. Giffin, Y. Huang, S. Jha, W. Lee and B.P. Miller, 2004. Formalizing sensitivity in static analysis for intrusion detection. Proceedings of the IEEE Symposium on Security and Privacy, May 9-12, 2004, Berkeley, CA., USA., pp: 194-208.
CrossRef - Hofmeyr, S.A., S. Forrest and A. Somayaji, 1998. Intrusion detection using sequences of system calls. J. Comput. Secur., 6: 151-180.
Direct Link - Jia, C.F., A.M. Zhong, X. Zhou, R. Tian and X.T. Duan, 2007. Research on syscall-based intrusion detection technology for linux system. Application Res. Comput., 24: 147-150.
Direct Link - Lee, S.C. and D.V. Heinbuch, 2001. Training a neural-network based intrusion detector to recognize novel attacks. IEEE Trans. Syst. Man Cybern. Part A: Syst. Hum., 31: 294-299.
CrossRef - Li, W., Y.X. Dai, Y.F. Lian and P.H. Feng, 2009. Context sensitive host-based IDS using hybrid automaton. J. Software, 20: 138-151.
CrossRef - Okazaki, Y., I. Sato and S. Goto, 2002. A new intrusion detection method based on process profiling. Proceedings of the Symposium on Applications and the Internet, January 28-February 1, 2002, Nara, Japan, pp: 82-90.
CrossRef - Tao, F., Z.Y. Yin and J.M. Fu, 2010. Software behavior model based on system calls. Comput. Sci., 37: 151-157.
Direct Link - Tian, J.F., T. Liu and X.X. Chen, 2008. Survey in evaluation of intrusion detection system. Comput. Eng. Appl., 44: 113-117.
Direct Link - Wang, Y.P. and G.J. Song, 2009. The study for host defend system based on port detection. Microcomput. Inform., 25: 80-82.
Direct Link - Xu, M., C. Chen and J. Ying, 2004. Anomaly detection based on system call classification. J. Software, 15: 391-403.
Direct Link - Yang, Q., J.H. Yang, X.P. Wang and B. Ma, 2005. System design based on the combination of firewall and intrusion detection technology. J. Wuhan Univ. Technol., 27: 112-115.
Direct Link - Debar, H., M. Dacier and A. Wespi, 1999. Towards a taxonomy of intrusion-detection systems. Comput. Networks, 31: 805-822.
CrossRefDirect Link