RESPOSTAS AUTOMÁTICAS PARA MELHORIA DA SEGURANÇA EM SISTEMAS DE DETECÇÃO DE INTRUSOS

Detalhes bibliográficos
Ano de defesa: 2003
Autor(a) principal: SANTOS, Glenda de Lourdes Ferreira dos
Orientador(a): ABDELOUAHAB, Zair lattes
Banca de defesa: Não Informado pela instituição
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: por
Instituição de defesa: Universidade Federal do Maranhão
Programa de Pós-Graduação: PROGRAMA DE PÓS-GRADUAÇÃO EM ENGENHARIA DE ELETRICIDADE/CCET
Departamento: Engenharia
País: BR
Palavras-chave em Português:
sistema de resposta de intrusão
detecção de intrusos
segurança de redes de computadores
sistemas multiagentes
redes neurais
Palavras-chave em Inglês:
intrusion response system
intrusion detection
multi-agents systems
neural networks
Área do conhecimento CNPq:
CNPQ::CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO::METODOLOGIA E TECNICAS DA COMPUTACAO::ENGENHARIA DE SOFTWARE
Link de acesso: http://tedebc.ufma.br:8080/jspui/handle/tede/366
Resumo: The development of approaches for proving fast reactions against intruders and attackers have been one of the most important requirements in the critical defense of computer networks, since the intrusion occur quickly, demanding reactions without human intervention. These approaches should be able to, autonomously, respond to attacks and deal with several important aspects of the computer security problem in order to reduce the system administrator s workload Such approaches can offer larger reliability and effectiveness in the detection and response processes, a higher rate of security to private networks, better defense possibilities and, in addition, minimize the intruder's change of success. This research work deals with the specification of a society of intelligent agents for assessment and enhancement of intrusion response systems in computer networks. The proposal of the model of intrusion response system (IRS) be based on in several available architectures, in order to look for better solutions for the problems faced in the modelling of a system of that level. With that, was modeled a system to approach the main desirable functionalities for a system of active answers. The system, as part of the NIDIA (Network Intrusion Detection System based on Intelligent Agents) (Lima, 2001), is formed by a society of agents that are responsible for the functions of identification of the characteristic of the attack, choice of the best reaction strategy and for the execution of the response.The society is composed by agents able to determine and apply automatically corrective actions against attacks classified according to a given severity taxonomic model. In the proposed model was looked for to define response to intrusions for abuse and for anomaly to guarantee a lower robustness to the system.

Registros relacionados