Emulation of the Active Immune Response in a Computer Network
Final performance rept. Sep 2005-Sep 2008
STATE UNIV OF NEW YORK AT BINGHAMTON
Pagination or Media Count:
Active immune response AIR offer principles that could be successfully implemented in defense mechanisms of computer networks of the nearest future decentralized detectionmitigation, portable specialized defense agents, continuous status assessment, feedback mechanism assuring a rational parity between attacking and defense agents, etc. A mathematical model of AIR has been developed and validated by simulation. On its basis, a computer network defense mechanism utilizing the above features, capable of deployment of specialized anti-worm entities in a computer network, is proposed. It leads to the development of a fully automatic computer network defense system. The feasibility and implementation aspects of the particular components of this system are addressed. A system call-based approach resulting in the improved IDS, and an approach to continuous status assessment of a computer networks by selective scanning are developed.
- Computer Systems