Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: De Capitani di Vimercati, Sabrinaa | Lincoln, Patrickb | Ricciulli, Livioc | Samarati, Pierangelad
Affiliations: [a] Dipartimento di Elettronica per l'Automazione, Università di Brescia, 25123 Brescia, Italy. E-mail: [email protected] | [b] Computer Science Laboratory, SRI International, Menlo Park, CA 94025, USA. E-mail: [email protected] | [c] Metanetworks Inc., 647 N. Santa Cruz Ave, Los Gatos, CA 95032, USA. E-mail: [email protected] | [d] Dipartimento di Tecnologie dell'Informazione, Università di Milano, 20163 Crema, Italy. E-mail: [email protected]
Note: [1] A preliminary version of this paper appeared under the title “PGRIP: PNNI Global Routing Infrastructure Protection” in The Internet Society 1999 Network and Distributed System Security Symposium (NDSS’99), San Diego, CA, USA, February 1999.
Abstract: The development of new classes of distributed applications such as telephony, remote video, and virtual reality introduces new quality requirements that make inadequate even the current best-effort service model provided by international networks. Recent research activity has proposed new approaches to accommodate these new application requirements. While exploiting the resource needs of different applications to use the network resources efficiently, these approaches require the maintenance of a considerable amount of state information at the network nodes. Correctness and availability of such information are the basic requirements for the proper working of the network. In this paper we present a system, called Global Infrastructure Protection System (GIPS), to control improper modifications to this state information. We illustrate the GIPS's architecture and identify topology conditions to guarantee the distributed fault tolerant detection of anomalies. The system is based on the use of a hierarchical structure to organize and maintain the information at each node. Improper network states are described through rules that characterize state information updates that may result anomalous (or uncommon) with respect to the network status, past events occurred, or statistical measures. We introduce a notation to represent state information coming from heterogeneous protocols, and statistical operators to examine the history of state updates accumulated during operation. Finally, we present some examples using our notation to express heuristical rules detecting anomalous operations in a network.
DOI: 10.3233/JCS-2001-9401
Journal: Journal of Computer Security, vol. 9, no. 4, pp. 251-283, 2001
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
[email protected]
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office [email protected]
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
[email protected]
For editorial issues, like the status of your submitted paper or proposals, write to [email protected]
如果您在出版方面需要帮助或有任何建, 件至: [email protected]