A computer security architecture inspired by the immune system
AUTHOR(S)
Fabricio Sergio de Paula
PUBLICATION DATE
2004
ABSTRACT
The human immune system is able to guarantee the survival of an individual for his/her entire life, even though he/she encounters potentially deadly parasites, bacteria and viruses on a daily basis. In this way, this biological system provides a rich source of inspiration for the security of computer networks. Besides the fact that the human immune system presents a closely related model of real network conditions in the present day, it has many features that are desirable for a security system. Given these facts, this work explores the features and principles of the human immune system for building a network security architecture. The architecture developed here enables the identification of attacks through intrusion evidence analysis, provides specific and unspecific responses, and is able to extract signatures for new attacks, making the computer system dynamically adaptable against new attacks. A prototype, ADENOIDS, was implemented based on this architecture, covering the main modeled features and considering buffer overflow attacks. Experimental results show that it is possible to identify new attacks by the intrusion evidence analysis mechanism. After identification, ADENOIDS activates system restoration mechanisms and initiates the signature extraction process. By using an algorithm developed in this research it is possible to discard false positives and to identify the attack signatures.
SUBJECT(S)
computers - security measures; computer networks - security measures; immunology
ARTICLE ACCESS
http://libdigi.unicamp.br/document/?code=vtls000336795