Speakers Bureau View
124 Profile Views
-
123 Presentation Views
Dallas H. Snider
Chairperson
| A Process to Transfer Fail2ban Data to an Adaptive Enterprise Intrusion Detection and Prevention System | |
| Audience: | Adults |
| Description: | Presented at IEEE SoutheastCon 2016. In this paper, we describe a process that has been developed to transfer network intrusion data captured by Fail2ban to an adaptive enterprise intrusion detection and prevention system. The process involves software agents that we have created that are interconnected to a central behavior analysis database service where each software agent records attack meta-information collected during previous intrusion attempts. These distributed agents are the first phase of an overall plan to create a smarter network defense system through the collection and analysis of network signatures generated by real security threats. The central database to which the agents report warehouses and analyzes the meta-information collected by the interconnected agents. The agents can then utilize both instantaneous and historical data by integrating rules derived from the data collection and analysis process into intrusion prevention policies. The final result will be a modular and scalable network defense system that should be more responsive and adaptable to imminent threats. |
| Subject Areas: | Computer Science |
| Keywords: |
Cyber security Decision Support Systems Distributed AI Systems and Architecture Intelligent Networks Knowledge Discovery |
| Duration: | 1 hour or less |
| Fee: | No Cost |
Share