Intrusion Detection in Computer Network Backbones Through Behavior Analysis with SNMP

  • Guilherme Eliseu Rhoden UFSC
  • Edison Tadeu Lopes Melo UFSC
  • Carlos Becker Westphall UFSC

Abstract


Intrusion detection in backbones is a very important factor in assuring the best use of resources and the availability and reachability of the network. This report presents an SNMP-based model to help detect problems related to attacks that degrade backbone performance, through behavior analysis using router MIB variables.

Keywords: Intrusion Detection, Network Management, SNMP, MIB

Published
2002-05-22
RHODEN, Guilherme Eliseu; MELO, Edison Tadeu Lopes; WESTPHALL, Carlos Becker. Detecção de Intrusões em Backbones de Redes de Computadores Através da Análise de Comportamento com SNMP. In: BRAZILIAN SYMPOSIUM ON INFORMATION AND COMPUTATIONAL SYSTEMS SECURITY (SBSEG), 2., 2002, Búzios. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2002. p. 79-86. DOI: https://doi.org/10.5753/sbseg.2002.21267.
