Towards automatic security management: a model-based approach
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
| Hi-index | 0.00 |
With the development of application based on Internet, network security highlights its place increasing. Firewall and IDS are the equipment often used in Internet, but both of them can not run automatically. If we can reconfigure the firewall using the result of IDS, the security must be enhanced to a high level. In this paper, we designed an intrusion prevent system (IPS) based on Snort and Net filter by researching kernel codes of Snort and Net filter. The policy control module of the system was written in Multi-thread technologies. Meanwhile, the Algorithm of IDS and rule set of firewall was optimized to improve system efficiency. The system can block the attack source by dynamically modify firewall rules according to IDS.