An intelligent firewall architecture model to detect internet-scale virus attacks
Yoo, InSeon (2004) An intelligent firewall architecture model to detect internet-scale virus attacks. University of Southampton, Doctoral Thesis.
Record type: Thesis (Doctoral)
Abstract
My MPhil Thesis is based on research in progress concerning an Intelligent Firewall Architecture Model against Internet-scale viruses. An Internet-scale virus is defined to be a piece of code or a program that performs unintended tasks and brings unintended side effects. The Intelligent Firewall focuses on risk management against novel attacks. A main purpose of this project is to integrate a packet-based classification engine and a smart detection engine into a firewall. Classification is based on finding proper information and establishing links between data; on the other hand, recognition is based on making a decision about the information after classifying the data. I would like to use these terms with these concepts in my thesis. The packet-based classification engine aims at classifying Internet-scale virus packets apart from normal packets using packet header and payload, and then the smart detection engine deals with the stream of filtered packets from the classification engine which selected them as having a high probability of containing malicious content. To classify and recognize malicious packets from normal packets, I surveyed statistics of current Internet-scale viruses and analyzed malicious packets. I describe current Internet-scale viruses' effects on the Internet and security systems' problems. I analyse features of present network security systems: firewalls, intrusion detection systems, and anti-virus servers and examine related work to cope with disadvantages of the systems. I discuss the current Internet-scale virus trend through Internet-scale viruses' statistics. I will present the concepts of the Intelligent Firewall by discussing statistics and a survey on several current Internet-scale virus attacks. Detailed studies concerning the analysis of the virus infection processes and security holes are beyond the scope of this thesis.
Using this analysis and investigation, I propose an Intelligent Firewall model which has several packet-based components, especially the packet-based classification with Bayesian Networks, and the smart detection engine with a Self-Organizing Map. This thesis will be beneficial to other security systems, including router parts and anti-virus detection systems.
Text: 973841.pdf - Version of Record
More information
Published date: 2004
Identifiers
Local EPrints ID: 465569
URI: http://eprints.soton.ac.uk/id/eprint/465569
PURE UUID: 3fe13b40-e4a3-49b8-b310-48357fe408fa
Catalogue record
Date deposited: 05 Jul 2022 01:50
Last modified: 16 Mar 2024 20:15
Contributors
Author: InSeon Yoo