TY - GEN
T1 - Online faults/attacks detection and recovery
AU - Qu, Guangzhi
AU - Hariri, Salim
AU - Sneij, George
AU - Jin, Jionghua
PY - 2003
Y1 - 2003
N2 - The Internet has been growing at an amazing rate and concurrent with the growth, the vulnerability of the Internet is also increasing. Though the Internet has been designed to withstand various forms of failure, the intrusion tools and attacks are becoming increasingly sophisticated, exposing the Internet to new threats. To make networked systems reliable and robust it becomes highly essential to develop on-line monitoring, analysis, quantification of the behavior of networks under a wide range of faults/attacks and detection and recovery the network system from attacks/faults. In this paper, we present an agent-based architecture to detect and recover the system from network attacks/faults. Our approach is based on deploying software agents on selected routers, clients and servers to continuously monitor the vulnerability metrics that can be used to quantify the operational state of any network component (router, client, server, sub network). With the help of the proposed autonomous network attack defense system, we can fulfill (a) online modeling and profiling infrastructure vulnerability, (b) quick network attack source identification and (c) proactive self-healing of the network attack.
AB - The Internet has been growing at an amazing rate and concurrent with the growth, the vulnerability of the Internet is also increasing. Though the Internet has been designed to withstand various forms of failure, the intrusion tools and attacks are becoming increasingly sophisticated, exposing the Internet to new threats. To make networked systems reliable and robust it becomes highly essential to develop on-line monitoring, analysis, quantification of the behavior of networks under a wide range of faults/attacks and detection and recovery the network system from attacks/faults. In this paper, we present an agent-based architecture to detect and recover the system from network attacks/faults. Our approach is based on deploying software agents on selected routers, clients and servers to continuously monitor the vulnerability metrics that can be used to quantify the operational state of any network component (router, client, server, sub network). With the help of the proposed autonomous network attack defense system, we can fulfill (a) online modeling and profiling infrastructure vulnerability, (b) quick network attack source identification and (c) proactive self-healing of the network attack.
KW - Attack detection
KW - Online monitoring
KW - Recovery
UR - http://www.scopus.com/inward/record.url?scp=1542434084&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=1542434084&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:1542434084
SN - 0889863989
SN - 9780889863989
T3 - Proceedings of the Second IASTED International Conference on Communications, Internet, and Information Technology
SP - 37
EP - 42
BT - Proceedings of the Second IASTED International Conference on Communications, Internet, and Information Technology
A2 - Hamza, M.H.
A2 - Hamza, M.H.
T2 - Proceedings of the Second IASTED International Conference on Communications, Internet, and Information Technology
Y2 - 17 November 2003 through 19 November 2003
ER -