International Conference on Computer Technology and Development, 3rd (ICCTD 2011)
387 Securouter — A Novel Dynamic Firewall System Embedded with IDS Integration
Download citation file:
- Ris (Zotero)
- Reference Manager
As the traditional firewalls filter only the known types of attacks through blocking the packets sent from/to designated IP addresses or ports, only static and very limited protection are provided. A security framework with a double-homed host (SecuRouter) at its core, which is a firewall that could dynamically modify its rule set from the notification messages sent by the legitimate intrusion detection agents running in the protected LAN, is presented in the paper. Through providing a uniform interface with these algorithm-independent intrusion detection modules, the approach shows a better adaptability and extensibility. Provided along with the framework is a packet logging mechanism, with which help further off-line analysis of the network traffic can be easily implemented.