By Topic

Increasing Overall Network Security by Integrating Signature-Based NIDS with Packet Filtering Firewall

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Hamed Salehi ; Inf. Services Corp., Payam Noor Univ., Tehran, Iran ; Hossein Shirazi ; Reza Askari Moghadam

Today network intrusion detection and intrusion prevention system (NIDS/IPS) are considered as one of the hottest topics in computer security. On the other side firewalls have optimized several times and different types have been introduced. Today by integrating NIDS and firewall a new product comes to the market, which is called IPS. IPSs protect information systems from unauthorized access, damage or disruption. They are installed on network primary point and perform deep packet inspection (6 layers) so the hardware should be fast enough to sit almost invisibly within the network. This policy requires expensive hardware which is based on multiple server processor technology. It also needs appropriate changes in network design and policies. The cost may not be so reasonable for medium and small size companies. In this paper we are going to implement some kind of integration between signature-based NIDS and packet filtering firewalls which would increase the overall security by a reasonable cost in compare with modern IPSs. We try to conclude this by optimizing snort as a famous open source NIDS with a sample firewall program in Linux which is implemented by means of IPTABLES commands. The data is transferred in standard XML format. We also test the model by standard DARPA99 data sets and the results are satisfied.

Published in:

Artificial Intelligence, 2009. JCAI '09. International Joint Conference on

Date of Conference:

25-26 April 2009