Preventing Unknown Malware Attack by using Intelligence intrusion Multi detection prevention Systems

摘要

This paper is intended to provide a model for "Preventing Unknown Malware attack by using Intelligence Intrusion Multi Detection Systems" , Itrndescribes the state's overall requirements regarding the acquisition and implementation of intrusion prevention and detection systems with intelligence (IIPS/IIDS). This is designed to provide a deeper understanding of intrusion prevention and detection principles with intelligence may be responsible for acquiring, implementing or monitoring such systems in understanding the technology and strategies available.rnWith the need for evolution, if not revolution, of current network architectures and the Internet, autonomous and spontaneous management will be a key feature of future networks and information systems. In this context, security is an essential property. It must be thought at the early stage of conception of these systems and designed to be also autonomous and spontaneous.rnFuture networks and systems must be able to automatically configurernthemselves with respect to their security policies. The security policy specification must be dynamic and adapt itself to the changing environment. Those networks and systems should interoperate securely when their respective security policies are heterogeneous and possibly conflicting. They must be able to autonomously evaluate the impact of an intrusion in order to spontaneously select the appropriate and relevant response when a given intrusion is detected.rnAutonomous and spontaneous security is a major requirement of future networks and systems. Of course, it is crucial to address this issue in different wireless and mobile technologies available today such as RFID,Wifi, Wimax, 3G, etc. Other technologies such as ad hoc and sensor networks, which introduce new type of services, also share similar requirements for an autonomous and spontaneous management of security.rnIntelligence Intrusion Prevention Systems (UPS) are designed to aid in preventing the compromise of information systems and thus help preserve the basic triad of all security, confidentiality, Integrity and availability (CIA), not only of information but therninfrastructures that store and transmit it as well.rnIntelligence Intrusion detection systems (IDS) refer to any technology or strategy that allows us to detect the attempted compromise of our systems and information, and as before, preserve the CIA of the information and infrastructures.rnIn many cases these two systems work together and with the networking infrastructure to do their jobs. As IIPS/IIDS technology has improved over the last few years, prevention and detection have been consolidated into one network device, or as it is commonly referred to, one "appliance." In other cases the IPS is a separate technology, usually a software package or "agent" that runs on a desktop or host to detect attempted compromise.