{"title":"SecureDirect: proactive security through content based traffic control","authors":"J. Stevens, S. Saniepour","doi":"10.1109/AINA.2003.1192971","DOIUrl":null,"url":null,"abstract":"The exponential growth of Internet traffic has made public servers increasingly vulnerable to unauthorized accesses and intrusions. So far the focus of most studies of this problem has been on either blocking unused ports (fire-walling) or detecting attacks with an intrusion detection system (IDS). In this paper we introduce the design and implementation of SecureDirect, which is an attempt at addressing the problem of intrusion prevention by combining an IDS with a stateful load balancer SecureDirect is a real time load balancer that distinguishes between traffic coming from \"good\" clients and traffic originating from attackers. Based on this, traffic from an identified attacker is redirected to an alternative server where damage can be mitigated. The advantage of this system is that it blocks intrusions in a manner transparent to the attacker and allows for observation and investigation of attacks in order to enable the administrator to take appropriate action. We also suggest possible uses for this type of system, and then present the results of a series of stress tests against our implementation of the idea.","PeriodicalId":382765,"journal":{"name":"17th International Conference on Advanced Information Networking and Applications, 2003. AINA 2003.","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"17th International Conference on Advanced Information Networking and Applications, 2003. AINA 2003.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AINA.2003.1192971","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
The exponential growth of Internet traffic has made public servers increasingly vulnerable to unauthorized accesses and intrusions. So far the focus of most studies of this problem has been on either blocking unused ports (fire-walling) or detecting attacks with an intrusion detection system (IDS). In this paper we introduce the design and implementation of SecureDirect, which is an attempt at addressing the problem of intrusion prevention by combining an IDS with a stateful load balancer SecureDirect is a real time load balancer that distinguishes between traffic coming from "good" clients and traffic originating from attackers. Based on this, traffic from an identified attacker is redirected to an alternative server where damage can be mitigated. The advantage of this system is that it blocks intrusions in a manner transparent to the attacker and allows for observation and investigation of attacks in order to enable the administrator to take appropriate action. We also suggest possible uses for this type of system, and then present the results of a series of stress tests against our implementation of the idea.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
