Efficient middlebox scaling for virtualized intrusion prevention systems in software-defined networks

System intrusions violate the security of a system. In order to maintain it, it is necessary to decrease the chances of intrusions occurring or by detecting them as soon as they ensue in order to respond to them in a timely manner. These responses are divided in two types: passive or reactive responses. Passive responses are limited to only notification and alerting; whereas, reactive responses influence the intrusion by undoing or diminishing its consequences. Unfortunately, some reactive responses may influence the underlying system where the intrusion has occurred. This is especially a concern in the field of Industrial Automation Systems, as these systems are critical and have a well-defined set of operational requirements that must be maintained. Hence, automatic reactive responses are often not considered or are limited to human intervention. This paper addresses this issue by introducing a concept for reactive protection that integrates the automatic execution of active responses that do not influence the operation of the underlying Industrial Automation System. This concept takes into consideration architectural and security trends, as well as security and operational policies of Industrial Automation Systems. It also proposes a set of reactive actions that can be taken in the presence of intrusions in order to counteract them or diminish their effects. The feasibility and applicability of the presented concept for Industrial Automation Systems is supported by the implementation and evaluation of a prototypical Reactive Protection System.

Download Full-text

A Game Theory Approach for Intrusion Prevention Systems

Communications in Computer and Information Science - Applied Computer Sciences in Engineering ◽

10.1007/978-3-030-00350-0_19 ◽

2018 ◽

pp. 218-229

Author(s):

Julián Francisco Mojica Sánchez ◽

Octavio José Salcedo Parra ◽

Lewys Correa Sánchez

Keyword(s):

Game Theory ◽

Theory Approach ◽

Intrusion Prevention ◽

Intrusion Prevention Systems

Download Full-text

SNIPS: A Software-Defined Approach for Scaling Intrusion Prevention Systems via Offloading

Information Systems Security - Lecture Notes in Computer Science ◽

10.1007/978-3-319-13841-1_2 ◽

2014 ◽

pp. 9-29 ◽

Cited By ~ 2

Author(s):

Victor Heorhiadi ◽

Seyed Kaveh Fayaz ◽

Michael K. Reiter ◽

Vyas Sekar

Keyword(s):

Intrusion Prevention ◽

Intrusion Prevention Systems

Download Full-text

Intrusion Prevention System

Network Security Attacks and Countermeasures - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-8761-5.ch010 ◽

2016 ◽

pp. 245-258

Author(s):

Bijaya Kumar Panda ◽

Manoranjan Pradhan ◽

Sateesh Kumar Pradhan

Keyword(s):

Information Security ◽

Information Sharing ◽

Rapid Growth ◽

Detection Methods ◽

Intrusion Prevention ◽

Unauthorized Access ◽

Prevention System ◽

Intrusion Prevention Systems ◽

Intrusion Prevention System ◽

Use Of Internet

In the last decade, there is a rapid growth in the use of Internet by the organization for information sharing. As information is very vital to the organizations, it should be preserved and insulated from any unauthorized access or alternation. In last few years, attacks on the computer infrastructures have increased exponentially. Several information security techniques are available now a days like firewalls, anti-virus software and Intrusion prevention systems (IPSs), which are important tools for protecting an organization from intrusions. Now most attacks are impossible to defend with firewalls and anti-virus software alone. Without an IPS, such attacks are difficult to detect and prevent. This chapter presents different definitions of intrusion prevention system with meaningful explanation; compare network IPS with Host IPS, common and the advanced detection methods, common IPS components, coverage of attacks by IPS and criteria to select right IPS. Finally, this chapter concludes with an analysis of the challenges that still remain to be resolved.

Download Full-text