Uma arquitetura de segurança computacional inspirada no sistema imunologico

AUTOR(ES)
DATA DE PUBLICAÇÃO

2004

RESUMO

The human immune system is able to guarantee the survival of an individual for his/her entire life, even though he/she encounters potentially deadly parasites, bacteria and viruses on a daily basis. In this way, this biological system provides a rich source of inspiration for the security of computer networks. Besides the fact that the human immune system presents a closely-related model of the real network conditions in the present day, it has many features that are desirable for a security system.Given these facts, this work explores the features and principIes of the human immune system for building a network security architecture. The architecture developed here enables the identification of attacks through intrusion evidence analysis, provides specific and unspecific responses and is able to extract signature for new attacks, making the computer system dinamically adaptable against new attacks. A prototype, ADENOIDS, was implemented based on this architecture, covering the main modeled features and considering buffer overflow attacks. Experimental results show that it is possible to identify new attacks by the intrusion evidence analysis mechanism. Afier identification, ADENOIDS activates system restoration mechanisms and initiates the signature extraction processo By using an algorithm developed in this research it is possible to discard false-positives and to identify the attack signatures

ASSUNTO(S)

computadores - medidas de segurança redes de computação - medidas de segurança imunologia

ACESSO AO ARTIGO

Documentos Relacionados