Sobre a percepÃÃo remota de sniffers para detectores de intrusÃo em redesTCP/IP
AUTOR(ES)
Evandro Curvelo Hora
DATA DE PUBLICAÇÃO
1999
RESUMO
Since the early days of the Internet, security problems are a common issue. The non-correctness of code implementations of operating systems, protocol stacks, servers and administration procedure errors in networks connected to the Internet usually allow remote hacking probes and exploring, and the result is a large-scale problem with non-trivial solution. Nowadays, new trends and research on network protection techniques have improved the network security approaches towards âperception schemesâ, as a second front, when the traditional security defenses are compromised or broken. Packet sniffers are software tools commonly used by network intruders to disclose user passwords, authentication protocol schemes and confidential application data traffic. A common solution includes cryptography schemes with session crypto keys and secure tunnels, however few applications implement this solution. This way, it seems very important the improvement of intrusion detection models and techniques to include packet sniffer activity detectors. This work presents the network security problem, non-authorized packet sniffing threats, the state-of-the-art on intrusion detection and compares recent packet sniffer detection approaches, proposing an architecture for remote sniffing detection
ASSUNTO(S)
seguranÃa de rede, sniffer, detectores de intrusÃo, tcp/ip network security, sniffer, intrusion detection system, tcp/ip ciencia da computacao
Documentos Relacionados
- Um sistema de detecÃÃo de intrusÃo em tempo real para redes IEEE 802.11.
- StatefulanalysisofTCP/IPnetworktrafficforintrusiondetectionapplication
- Análise de estado de tráfego de redes TCP/IP para aplicação em detecção de intrusão
- ARTIFICIAL NEURAL NETWORKS APPLIED TO INTRUSION DETECTION ON TCP/IP NETWORKS
- Modelo de decisÃo de investimento em tecnologia da informaÃÃo: uma percepÃÃo de valor
