2001 Fiscal Year Final Research Report Summary
Organization-defense Style Security System by using Detection of Omens of Illegal Access.
| Project/Area Number |
12558036
|
|---|
| Research Category |
Grant-in-Aid for Scientific Research (B)
|
| Allocation Type | Single-year Grants |
|---|
| Section | 展開研究 |
|---|
| Research Field |
情報システム学(含情報図書館学)
|
|---|
| Research Institution | Tohoku University |
|---|
Principal Investigator |
NEMOTO Yoshiaki Tohoku University, Graduate School of Information Sciences, Professor, 大学院・情報科学研究科, 教授 (60005527)
|
|---|
| Co-Investigator(Kenkyū-buntansha) |
MANSFIELD Glenn Cyber Solutions, Inc. , President, 主任研究員
SONE Hideaki Information Synergy Center, Professor, 情報シナジーセンター, 教授 (40134019)
KATO Nei Tohoku University, Graduate School of Information Sciences, Associate Professor, 大学院・情報科学研究科, 助教授 (00236168)
|
|---|
| Project Period (FY) |
2000 – 2001
|
| Keywords | Illegal Access / Detection of Omens / Securitv System |
|---|
| Research Abstract |
Along with the development of Internet, the detection of illegal access is becoming a major issue. A guarantee of a secure utilization of Internet is very vital for developers. Therefore, the technology of preventing Internet from intrusion and denial of service attacks is in great demand.
The typical cases of illegal access are as follows:
1- Penetrating and gaining privileges by illegal measures, then stealing classified information, destroying the system or using it as a stepping-stone for further attacks.
2- Forging the source IP address and sending a large amount of useless traffic.
3- Generating incomplete connections far beyond design limitations of the targeted WWW and DNS server to force it to no longer function.
In order to prevent illegal access, the detection of signs of an oncoming attack can be effective. By so doing, we can protect our network system beforehand.
In this research, we propose an organization-defense style security system by using the detection of omens (signs) of illegal access. This system detects various network scans that intend to find out vulnerability of remote network nodes. We implemented the system and evaluated its performance on an operating network. Experimental results show the effectiveness of our proposed system.
|
