Implementation of Intrusion Detection System Using Packet Capture

  • Published : 2002.10.01

Abstract

Computer security has become an important issue as a side effect of the spread of computers and the rapid increase in network use. Intruders attack by exploiting vulnerabilities in operating systems, protocols and application programs, and their methods are becoming more sophisticated and specialized. Infrastructure protection technology is therefore needed to solve problems in the structure and management of the components that make up the information and communication network infrastructure. This paper develops an intrusion detection system that effectively blocks intruders and separates them from critical systems, and presents the design and implementation of an IDS model.
