Designing an Intrusion Prevention System IPS: Firewall Routing and GSM

Authors

  • Carlo Manuali

Abstract

Object of the present thesis work is the information security and the analysis of related information system network attacks in order to implement an Intrusion Prevention System (IPS) based on the detection of suspicious traffic in a computer network. Starting from the mentioned analysis, we introduce the topic of how-to provide an IPS by comparing the state of art of these kind of systems. In particular, the problems they have to face are reported and, on this basis, an innovative architecture for the implementation of an IPS based on reactive and dynamics actions suited for particular attacks or well-defined critical conditions, is proposed. A detailed overview of this architecture and different (re)actions which provide, among other things, the interaction with the perimeter firewall, the default router (for the considered subnets) and a Global System for Mobile Communications (GSM) sub-system for alerting and notifying, are also presented. Results obtained demonstrate the applicability of this approach (that is a complete security model formed by an IPS interacting with other devices in the network, like firewalls and routers, combined with different technologies, like a GSM, rather than the classic e-mail system, for proving event and alarm reports) in order to identify and prevent different kinds of cyber attacks.

Downloads

Published

2015-03-14

Issue

Section

Information and Communication Technology