침입 탐지 시스템과 침입 차단 시스템의 연동을 통한 보안 시뮬레이션

Security Simulation with Collaboration of Intrusion Detection System and Firewall

For the prevention of the network intrusion from damaging the system, both IDS (Intrusion Detection System) and Firewall are frequently applied. The collaboration of IDS and Firewall efficiently protects the network because of making up for the weak points in the each demerit. A model has been constructed based on the DEVS (Discrete EVent system Specification) formalism for the simulation of the system that consists of IDS and Firewall. With this model we can simulation whether the intrusion detection, which is a core function of IDS, is effectively done under various different conditions. As intrusions become more sophisticated, it is beyond the scope of any one IDS to deal with them. Thus we placed multiple IDS agents in the network where the information helpful for detecting the intrusions is shared nong these agents to cope effectively with attackers. If an agent detects intrusions, it transfers attacker’s information to a Firewall. Using this mechanism attacker s packets detected by IDS can be prevented from damaging the network.