1
iWaLL: Intelligent Firewall
By:
1. Mr. วีกิจ สัจจะมโนรมย์ (4931243221)
2. Mr. สิขเรศ ศุภปัญญา
3. Mr. อภิชิต หาญบรรจง
Project advisor: Dr. เกริก ภิรมย์โสภา
Presentation date: 31 August 2009
2
Guideline
-What’s a Firewall?
-Problems of Firewall
-Objectives and Scope
-Relevant Knowledge and Research
-What’s iWall?
-iWall’s Architecture and Speciality
-Schedule
3
What’s a Firewall?
-The term “Firewall” is derived from metal sheets which are designed to confine fire in a specific area.
-Computer “Firewall” regulates computer traffic between different security domains.
4
Types of Firewall
-Packet Filtering
-Application Gateway
-Stateful Inspection
5
Firewall Architecture
-Single Box Architecture
-Screened Host Architecture
-Multi Layer Architecture
6
Types of Attack
-Password Attacks
-Denial of Service
-Trojan Horse & Virus
-Man in the Middle
-Packet Sniffing
-IP Spoofing
7
Problems of Firewall
-Depends solely on manufacturers’ attack signature database.
-Insufficient to fend off unknown attack patterns.
8
Objectives
-Create a firewall which can prevent new attack patterns.
-Create a firewall which is adaptive to working environment.
-To ensure computer network security.
9
Scope
-To create firewall rules automatically according to attack types and usage.
-To keep logs for further use in optimization by data mining.
-To use layered filters to increase the efficiency of iWall in intrusion prevention.
10
Relevant Knowledge
-Data Mining
-Artificial Intelligence
-Computer Security
11
Data Mining
-Applied on traffic log
-Frequent Event Set
-Association Mining
12
Artificial Intelligence
-Reinforcement Learning
-Heuristic functions are applied as reward functions.
13
Computer Security
-Malware analysis
-Intrusion Prevention
14
Relevant Research
-Adaptive Secure Shell server system for intrusion prevention [ชนินทร์ ญาณภิ รัต and ฐิติกร เขมวิลาส, 2007]
-Adaptive firewall [สุธีร์ กิจเจริญการกุล and อรุซ ถิรวัฒน, 2008]
15
What is iWall?
-iWall is a combination of an Application Layer firewall and a Network Layer firewall.
16
iWall’s Architecture
17
Firewall
-Netfilter / iptables
-Embedded in UNIX kernel
19
Rule Server
-Stores and creates new rules.
-Receives new logs through the Filter Server.
-Analyzes logs.
-Utilizes data mining and machine learning algorithms.
-Manageable via graphical user interfaces.
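
The Rule Server and Data Mining slides describe mining frequent event sets from traffic logs and turning them into firewall rules. The sketch below is an added example, not code from the iWall project: the log fields (`src`, `proto`, `dport`), the support threshold and the mapping of an event set to an iptables `DROP` rule are all assumptions, and the sample log is constructed.

```python
from collections import Counter
from itertools import combinations

# Constructed sample: events already logged as suspicious by the filter layer.
# The field names are assumed; the slides do not define a log format.
LOG = (
    [{"src": "203.0.113.7", "proto": "tcp", "dport": "22"}] * 4
    + [{"src": "198.51.100.9", "proto": "udp", "dport": "53"}] * 3
    + [{"src": "192.0.2.44", "proto": "tcp", "dport": "80"},
       {"src": "192.0.2.45", "proto": "tcp", "dport": "443"}]
)

def frequent_event_sets(events, min_support):
    """Apriori-style search: {frozenset of (field, value): count}, count >= min_support."""
    transactions = [frozenset(e.items()) for e in events]
    frequent, size = {}, 1
    candidates = {frozenset([item]) for t in transactions for item in t}
    while candidates:
        counts = Counter(c for t in transactions for c in candidates if c <= t)
        level = {c: n for c, n in counts.items() if n >= min_support}
        frequent.update(level)
        size += 1
        # Join step: unions of frequent sets that contain exactly `size` items.
        candidates = {a | b for a, b in combinations(level, 2) if len(a | b) == size}
    return frequent

def to_iptables(itemset):
    """Render one event set as a DROP rule, or None if it cannot be expressed safely."""
    f = dict(itemset)
    # A rule without a source would block a whole service; a port needs a protocol.
    if "src" not in f or ("dport" in f and "proto" not in f):
        return None
    rule = ["iptables", "-A", "INPUT", "-s", f["src"]]
    if "proto" in f:
        rule += ["-p", f["proto"]]
    if "dport" in f:
        rule += ["--dport", f["dport"]]
    return " ".join(rule + ["-j", "DROP"])

def propose_rules(events, min_support):
    """Keep only maximal frequent sets (most specific patterns) and render them."""
    freq = frequent_event_sets(events, min_support)
    maximal = [s for s in freq if not any(s < t for t in freq)]
    return sorted(r for r in map(to_iptables, maximal) if r)

if __name__ == "__main__":
    for rule in propose_rules(LOG, min_support=3):
        print(rule)
```

The output is a list of candidate rules for review; raising `min_support` makes the miner more conservative, and patterns that lack a source address are never turned into a rule.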
21
Filter Server
-Activates and deactivates Filter Sets.
-Keeps track of Filter Sets in case of a failure.
-Sends logs to the Rule Server.
23
Layered Filter
-Filter Set Collection
-Filter Set
-Filter Node
24
Filter Set Collection
-Contains several Filter Sets which process packets concurrently.
26
Filter Set
-Isolated from one another.
-Contains several Filter Nodes.
28
Filter Node
-Simulates actual environment.
-Designed to lure an attack.
-Order of execution sorted by performance and probability of malware detection.
29
iWall’s Speciality
-Adaptability
-Analyze, Learn and Protect
-Layered Filters
30
Adaptability
-Adaptive to traffic congestion
-Adaptive to malware detection rate
-Flexible to working environments
“It is not the strongest of the species that survives, nor the most intelligent. It is the one that is the most adaptable to change.” - Charles Darwin
31
Analyze, Learn and Protect
-Log analysis is an iterative process in order to create efficient rules.
32
Schedule
-Problem analysis
-Requirement analysis
-Design
-Construction
-Validation and verification
-Documentation and delivery
33
Schedule (Cont.)
34
Q&A THANK YOU