一种利用Netfilter的混合框架在防火墙安全中减轻恶意软件攻击的方法

Q4 Computer Science International Journal of Open Source Software and Processes Pub Date : 2018-01-01 DOI:10.4018/IJOSSP.2018010103

Nivedita Nahar, Prerna Dewan, Rakesh Kumar

{"title":"一种利用Netfilter的混合框架在防火墙安全中减轻恶意软件攻击的方法","authors":"Nivedita Nahar, Prerna Dewan, Rakesh Kumar","doi":"10.4018/IJOSSP.2018010103","DOIUrl":null,"url":null,"abstract":"With the steady advancements in the technology, the network security is really important these daystoprotectinformationfromattackers.Inthisresearch,themainfocusisondesigningstrong firewallfilteringrulessothatdetectionofmaliciouscodeisachievedtoanoptimallevel.Aproposed frameworkisintroducedtoimprovetheperformanceparameterssuchasServerresponsetime,Web contentanalysis,Bandwidth,andtheperformanceoftheNetworktrafficload.Thisresearchwork definesanewsetofIPtablerulesachievedbymodifyingthekernelsourcecode.Thisisdoneusing OpenBSDkernelsourcecode,whichresultsintheformationofamini-firewall.Therefore,anew hybridapproachisproposedbyaddingpacketfilteringrulesandSNORTtechnologyinmini-firewall formaliciousactivitydetection.Itisanefficientandpracticaltechniquewhichwillbehelpfulto mitigate the malware attacks and secure LAMP server. Experimental analysis has been done to concludethataround70-75%maliciousactivitycanbereducedbyusingtheproposedtechnique. KeywORdS Attack Mitigation, Deep Packet Inspection, Distributed Denial of Service, Information Security, Intrusion Detection System, Packet Filtering Rule Editor","PeriodicalId":53605,"journal":{"name":"International Journal of Open Source Software and Processes","volume":"48 1","pages":"32-61"},"PeriodicalIF":0.0000,"publicationDate":"2018-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"An Approach to Mitigate Malware Attacks Using Netfilter's Hybrid Frame in Firewall Security\",\"authors\":\"Nivedita Nahar, Prerna Dewan, Rakesh Kumar\",\"doi\":\"10.4018/IJOSSP.2018010103\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the steady advancements in the technology, the network security is really important these daystoprotectinformationfromattackers.Inthisresearch,themainfocusisondesigningstrong firewallfilteringrulessothatdetectionofmaliciouscodeisachievedtoanoptimallevel.Aproposed frameworkisintroducedtoimprovetheperformanceparameterssuchasServerresponsetime,Web contentanalysis,Bandwidth,andtheperformanceoftheNetworktrafficload.Thisresearchwork definesanewsetofIPtablerulesachievedbymodifyingthekernelsourcecode.Thisisdoneusing OpenBSDkernelsourcecode,whichresultsintheformationofamini-firewall.Therefore,anew hybridapproachisproposedbyaddingpacketfilteringrulesandSNORTtechnologyinmini-firewall formaliciousactivitydetection.Itisanefficientandpracticaltechniquewhichwillbehelpfulto mitigate the malware attacks and secure LAMP server. Experimental analysis has been done to concludethataround70-75%maliciousactivitycanbereducedbyusingtheproposedtechnique. KeywORdS Attack Mitigation, Deep Packet Inspection, Distributed Denial of Service, Information Security, Intrusion Detection System, Packet Filtering Rule Editor\",\"PeriodicalId\":53605,\"journal\":{\"name\":\"International Journal of Open Source Software and Processes\",\"volume\":\"48 1\",\"pages\":\"32-61\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Open Source Software and Processes\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/IJOSSP.2018010103\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"Computer Science\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Open Source Software and Processes","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/IJOSSP.2018010103","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 1

摘要

随着技术的不断进步，网络安全变得越来越重要daystoprotectinformationfromattackers。Inthisresearch，themainfocusisondesigningstrong firewallfilteringrulessothatdetectionofmaliciouscodeisachievedtoanoptimallevel。Aproposed frameworkisintroducedtoimprovetheperformanceparameterssuchasServerresponsetime，Web contentanalysis，Bandwidth，andtheperformanceoftheNetworktrafficload。Thisresearchwork definesanewsetofIPtablerulesachievedbymodifyingthekernelsourcecode。Thisisdoneusing OpenBSDkernelsourcecode，whichresultsintheformationofamini-firewall。Therefore，anew hybridapproachisproposedbyaddingpacketfilteringrulesandSNORTtechnologyinmini-firewall formaliciousactivitydetection。Itisanefficientandpracticaltechniquewhichwillbehelpfulto mitigate_恶意软件攻击_和_ secure_ lamp_服务器。已经对concludethataround70-75%maliciousactivitycanbereducedbyusingtheproposedtechnique进行了实验分析。关键词:攻击缓解，深度包检测，分布式拒绝服务，信息安全，入侵检测系统，包过滤规则编辑器

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

An Approach to Mitigate Malware Attacks Using Netfilter's Hybrid Frame in Firewall Security

With the steady advancements in the technology, the network security is really important these daystoprotectinformationfromattackers.Inthisresearch,themainfocusisondesigningstrong firewallfilteringrulessothatdetectionofmaliciouscodeisachievedtoanoptimallevel.Aproposed frameworkisintroducedtoimprovetheperformanceparameterssuchasServerresponsetime,Web contentanalysis,Bandwidth,andtheperformanceoftheNetworktrafficload.Thisresearchwork definesanewsetofIPtablerulesachievedbymodifyingthekernelsourcecode.Thisisdoneusing OpenBSDkernelsourcecode,whichresultsintheformationofamini-firewall.Therefore,anew hybridapproachisproposedbyaddingpacketfilteringrulesandSNORTtechnologyinmini-firewall formaliciousactivitydetection.Itisanefficientandpracticaltechniquewhichwillbehelpfulto mitigate the malware attacks and secure LAMP server. Experimental analysis has been done to concludethataround70-75%maliciousactivitycanbereducedbyusingtheproposedtechnique. KeywORdS Attack Mitigation, Deep Packet Inspection, Distributed Denial of Service, Information Security, Intrusion Detection System, Packet Filtering Rule Editor

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Open Source Software and Processes Computer Science-Software

CiteScore

1.90

自引率

0.00%

发文量

期刊介绍： The International Journal of Open Source Software and Processes (IJOSSP) publishes high-quality peer-reviewed and original research articles on the large field of open source software and processes. This wide area entails many intriguing question and facets, including the special development process performed by a large number of geographically dispersed programmers, community issues like coordination and communication, motivations of the participants, and also economic and legal issues. Beyond this topic, open source software is an example of a highly distributed innovation process led by the users. Therefore, many aspects have relevance beyond the realm of software and its development. In this tradition, IJOSSP also publishes papers on these topics. IJOSSP is a multi-disciplinary outlet, and welcomes submissions from all relevant fields of research and applying a multitude of research approaches.