A process to transfer Fail2ban data to an adaptive enterprise intrusion detection and prevention system
Mike Ford, Cody Mallery, Frank Palmasani, Michael Rabb, Reid Turner, Lem Soles and Dallas Snider
UWF Student Scholar Symposium and Faculty Research Showcase
2016
Abstract
A process has been developed to transfer network intrusion data captured by Fail2ban to an adaptive enterprise intrusion detection and prevention system. The process uses software agents that we have created, each connected to a central behavior analysis database service in which the agent records attack meta-information collected during previous intrusion attempts. These distributed agents are the first phase of an overall plan to create a smarter network defense system through the collection and analysis of network signatures generated by real security threats. The central database, to which the agents report, warehouses and analyzes the meta-information collected by the interconnected agents. The agents can then utilize both instantaneous and historical data by integrating rules derived from the data collection and analysis process into intrusion prevention policies. The final result will be a modular and scalable network defense system that should be more responsive and adaptable to imminent threats.
Presentation poster (PDF), Open Access
Details
Resource Type
Presentation
Identifiers
99380090631006600
Academic Unit
Computer Science; Hal Marcus College of Science and Engineering; Cybersecurity and Information Technology
Language
English