EXAMINATION OF MODERN CONCEPTS FOR FIREWALLS AND COLLABORATIVE INTRUSION DETECTION

Authors

  • Andriy Luntovskyy Prof. Dr. habil. (Prof. Dr. Sci. II) with BA Dresden University of Coop. Education (Saxon Academy of Studies) in Dresden, Germany
  • Mykhailo Klymash Head of the Department, Telecommunications Department, Lviv Polytechnic National University, https://orcid.org/0000-0002-1166-4182

DOI:

https://doi.org/10.20535/2411-2976.22017.44-48

Keywords:

firewall, network attacks, intrusion detection systems, intrusion prevention systems, CIDN.

Abstract

Background. Modern firewall systems are compared to classical concepts. The filtering rules are analyzed using examples of the leading solutions (presented by Gartner Inc.). Collaborative intrusion detection systems and networks, as well as the threats based on insider attacks on CIDN, are examined. A common CIDN functionality catalogue is discussed. The application of modern network intrusion detection and prevention systems is considered with regard to the peculiarities of their implementation at different levels of the ISO/OSI model. Brief recommendations are given on the use of known network security solutions in the construction of modern infocommunication networks to overcome various types of threats, in particular DoS, viruses and social engineering.
Objective. The aim of the paper is to study the implementation and application of modern concepts of firewalls and collaborative network intrusion detection systems.
Methods. The research was carried out based on analysis of a large number of literature sources, the theory of building information security systems and avenues of manufacturers of systems for detecting and preventing network intrusion.
Results. Advanced firewalls like SMLIF, IPS, and the collaborative intrusion detection systems are gaining in importance. They can also be deployed within the scenarios of NFC and IoT (Internet of Things). The FW and IDS are often combined into individual participating peers (LAN, WLAN, 2G-4G, NFC and Bluetooth) with the possibility of collaboration and better prevention of both external and insider attacks.
Conclusions. The conducted research indicates the need to improve the implementation of modern network architecture with the use of integrated systems for detecting and counteracting network attacks. Despite the wide variety of network security solutions, this area of research remains relevant and suggests that the development of new concepts for protecting network architectures meets the current state of the industry, is timely and relevant, given the wide range of capabilities and scenarios for malicious intrusions and network system impacts.

Published

2017-12-28

Issue

Section

Articles