AutonomicSec: Um Mecanismo Autonômico para Segurança de Redes baseado em Decepção / AutonomicSec: A Autonomic Mechanism for Networks Security based on Deception

AUTOR(ES)
FONTE

IBICT - Instituto Brasileiro de Informação em Ciência e Tecnologia

DATA DE PUBLICAÇÃO

21/03/2012

RESUMO

Security in computer networks is the area responsible for protecting the data passing through it. The research for better security strategies has increased considerably since exists a vast number of attempted attacks. These attacks have caused financial loss and reputation damage to companies, institutions and individuals. There are several obstacles to achieve security into networks and it led to increase the problem complexity of security management. For this reason, it is interesting using the resources offered by Autonomic Computing (AC). AC systems are capable of manage themselves and to adapt dynamically to changes in order to restore its balance according to policies and business goals. The architecture and properties of AC to implement systems offers many advantages to be applied to network security. In this work, we present the concepts of AC and demonstrate its applicability on the network computer security context. The AC concepts application in network security introduces the auto-security capability to the system. To show the feasibility of achieving auto-security, we developed and present an autonomic mechanism for network protection. This mechanism is represented, initially, by an autonomic framework, which is organized according to MAPE-K model. In this model, autonomic managers perform the sensing activities on the execution environment, context analysis, planning and execution of dynamic reconfiguration actions. Then, we implemented two autonomic cycles. The first cycle aims to generate firewall rules based on honeypots log files. The second cycle is responsible for manipulate, dynamically, virtual honeypots that are classified as compromised. The results show that it is possible to obtain integration and cooperation between security systems; intelligence, through the deployment of autonomic strategies that turn the protection process dynamic; and autonomy, to achieve self-security on the network.

ASSUNTO(S)

segurança de redes computação autonômica metodologia de decepção autonomic computing methodology of deception ciencia da computacao network security

Documentos Relacionados