Modeling and Simulation of Network Security with the Coordination of IDSes and Firewall

摘要

The attackers on Internet-connected systems we are seeing today are more serious and more technically complex than those in the past. So it is beyond the scope of any one IDS (Intrusion Detection System) to deal with the intrusions. IDS monitors system activities to identify unauthorized use, misuse or abuse of computer and network system. A firewall that plays a vital role in network security restricts access between the Internet and the internal network. This paper shows a modeling and simulation of network security in which the multiple IDSes and a firewall coordinate by sharing attacker's information for the effective detection of the intrusion. Another characteristic in the proposed simulation is the composition of a real intrusion by generating non-abstracted intrusion packets and, accordingly, the construction of non-abstracted version of IDS and firewall model components that are closely related to the intrusion packets.