Pages

Sunday, October 10, 2010

Intrusion Detection and Isolation Protocol

Intrusion Detection and Isolation Protocol

ABSTRACT:


The landscape of doing business today is significantly different from the landscape of just five years ago. Companies are more connected than ever, with the promise that network expansion will only continue. As a result, companies must grapple with how to keep their network safe, without sacrificing growth or productivity.

The first step that virtually all organizations connected to the Internet take is to install some network boundary control devices, say, a firewall, which acts as a perimeter guard for the network determining what traffic to allow or deny in or out. The second layer of defense is to detect the presence of attacks within the traffic allowed to flow within the network and to protect the network from those attacks.

The most common belief today is that a passive network intrusion detection system (NIDS) can protect an organization from these attacks. Unfortunately, this is far from the truth. Because the adversary can take actions at computer speeds, systems need the capability to react without human intervention. Thus automated response to intrusions has become a major issue in defending critical systems. This has led to the need for an infrastructure that supports development of automated response systems.

Such an infrastructure must allow easy integration of detection and response components to enable experimentation with automated response strategies. The seminar is about a protocol called as the Intruder Detection and Isolation Protocol (IDIP) and provides an overview of the IDIP concept, rationale, terminology, description software architecture and how it supports the need for an intrusion detection and response infrastructure.

for more info visit.
http://www.enjineer.com/forum

No comments:

Post a Comment