Design of Secure Monitor in the Secure Zone Cooperation
We propose a Secure Zone Cooperation to protect unknown types of attack and to improve efficiency of security systems. The Secure Zone Cooperation, a framework that establishes mutual collaboration and cooperation between trusted zones, can protect systems and networks from potential attacks. This framework can predict and respond to attacks by exchanging security information and cooperating with each zone. A Secure Monitor plays a major role in detecting security events in the Secure Zone Cooperation, so its ability is a key factor that represents the safety of the Secure Zone. In this paper, we introduce the design of the Secure Monitor.
Unable to display preview. Download preview PDF.
- 1.B. Chang, D. Kim, Y. Kwon, T. Nam, T. Chung, Security management by zone cooperation in active network environment, in: Proceedings of the 2002 International Conference on Security and Management (SAM’02), Las Vegas, USA, 2002, pp. 187–192.Google Scholar
- 2.B. Cubaleska, M. Schneider, Applying trust policies for protecting mobile agents against DoS, in: Proceedings of the Third IEEE International Workshop on Policies for Distributed Systems and Networks, Monterey, USA, 2002, pp. 198–201.Google Scholar
- 3.D. Chapman, D. Zwicky, Building Internet Firewalls, O’Reilly & Associates, Inc., 1996.Google Scholar
- 4.S. Harris, Denying Denial-of-Service, Information Security Magazine, Sept. 2001, http://www.infosecuritymag.com/articles/september01/cover.shtml.
- 5.K. Houle, G. Weaver, Trends in Denial of Service v1.0, Report of the CERT/CC, Oct. 2001, http://www.cert.org/archive/pdf/DoS_trends.pdf.
- 6.G. Helmer, J. Wong, V. Honavar, L. Miller, Lightweight agents for intrusion detection, Submitted to the Journal of Systems and Software, Iowa State University, Nov. 2000, http://latte.cs.iastate.edu/~ghelmer/NewFacets.ps.
- 7.C. Kaufman, R. Perlman, M. Speciner, Network Security: PRIVATE Communication in a PUBLIC World, Prentice Hall PTR, 1995.Google Scholar
- 8.S. McClure, J. Scambray, G. Kurtz, Hacking Exposed-Network Security Secrets & Solu-tions, McGraw-Hill Companies, 1999.Google Scholar
- 9.D. Sterne, K. Djahandari, R. Balupari, W. Cholter, B. Babson, B. Wilson, P. Narasimhan, A. Purtell, D. Schnackenberg, S. Linden, Active network based DDoS defense, in: Proceedings of the DARPA Active Networks Conference and Exposition (DANCE’02), San Francisco, CA, 2002, pp. 193–203.Google Scholar
- 11.Kemmerer, R.A., Vigna, G., Intrusion detection: a brief history and overview, Computer, Volume:35, Issue:4, supl27–supl30,April 2002.Google Scholar