Master's thesis, National Central University, Institute of Information Management, 91.

Because of the popularity and variety of network applications, network security is receiving growing attention. Today, firewalls are the first line of defense in most enterprises and are also the most important mechanism for responding to attacks. However, constrained by where they are deployed and by their architectures, firewalls now face more and more challenges and cannot defend against a growing number of new attacks.
In this thesis, we analyze the evolution and problems of firewalls, and then develop a cooperative firewall system based on the distributed firewall and on the concepts of defense in depth and cooperative defense. Every firewall in the cooperative firewall system can cooperate with other defense mechanisms to achieve intrusion prevention. We first present some possible schemes of cooperative defense using the cooperative firewall system and discuss their difficulties. Then we propose solutions to these difficulties. The solutions include a new generic rule format based on XML, which solves the communication problems of cooperative defense and the management problem of distributed firewalls, and a detection and defense method for Internet worms, which solves the problem of network congestion while worms spread.
We also propose the system architecture, operating procedures, and module design of our cooperative firewall system, and build a prototype system that relieves the network congestion caused by Internet worms and performs cooperative defense with an intrusion detection system, to demonstrate the effectiveness and applications of the cooperative firewall system.
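The abstract describes two pieces that fit together: a generic XML rule that lets a detector and distributed firewalls talk to each other, and a worm-detection step that turns scanning fan-out into such a rule. The following Python block is an added illustration of that cycle, not code from the thesis; the XML layout (a `<rules>` element of `<rule>` elements with `id`, `action`, `proto`, `src` and `dport` attributes), the scan threshold, and the rendering of rules as iptables commands are all assumptions chosen for the example, and the sample flows are constructed.

```python
"""Cooperative firewall node: consume generic XML rules, detect worm-like scanning.

Added illustration, not the thesis's own code. The XML layout (<rules>/<rule>
with id, action, proto, src, dport attributes), the scan threshold and the
iptables rendering are assumptions made for this example.
"""
import xml.etree.ElementTree as ET
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class FirewallRule:
    rule_id: str
    action: str           # "block" or "rate-limit"
    proto: str            # "tcp" or "udp"
    src: str              # CIDR or single address
    dport: Optional[int]  # None means any destination port


ALLOWED_ACTIONS = {"block", "rate-limit"}


def parse_generic_rules(xml_text: str) -> List[FirewallRule]:
    """Parse the assumed generic-rule format. Unknown actions are rejected so a
    malformed or hostile message from a peer cannot inject arbitrary policy."""
    root = ET.fromstring(xml_text)
    rules: List[FirewallRule] = []
    for node in root.findall("rule"):
        action = node.get("action", "")
        if action not in ALLOWED_ACTIONS:
            raise ValueError(f"unsupported action {action!r}")
        dport = node.get("dport")
        rules.append(FirewallRule(
            rule_id=node.get("id", ""),
            action=action,
            proto=node.get("proto", "tcp"),
            src=node.get("src", "0.0.0.0/0"),
            dport=int(dport) if dport is not None else None,
        ))
    return rules


def to_iptables(rule: FirewallRule) -> str:
    """Render one generic rule as an iptables command for the local enforcer."""
    parts = ["iptables", "-A", "FORWARD", "-p", rule.proto, "-s", rule.src]
    if rule.dport is not None:
        parts += ["--dport", str(rule.dport)]
    if rule.action == "block":
        parts += ["-j", "DROP"]
    else:  # rate-limit: assumed policy of 10 new connections per second
        parts += ["-m", "limit", "--limit", "10/s", "-j", "ACCEPT"]
    return " ".join(parts)


Flow = Tuple[str, str, int]  # (src, dst, dport)


def detect_scanning_hosts(flows: List[Flow], max_targets: int = 10) -> Dict[str, Set[int]]:
    """Flag sources that contact more than max_targets distinct hosts on one
    port: the fan-out pattern of a scanning worm that causes the congestion."""
    targets: Dict[Tuple[str, int], Set[str]] = defaultdict(set)
    for src, dst, dport in flows:
        targets[(src, dport)].add(dst)
    flagged: Dict[str, Set[int]] = defaultdict(set)
    for (src, dport), dsts in targets.items():
        if len(dsts) > max_targets:
            flagged[src].add(dport)
    return dict(flagged)


def rules_for_scanners(flagged: Dict[str, Set[int]], rule_prefix: str = "worm") -> str:
    """Emit the generic XML rule a detector would send to every cooperating firewall."""
    root = ET.Element("rules")
    for src in sorted(flagged):
        for dport in sorted(flagged[src]):
            ET.SubElement(root, "rule", id=f"{rule_prefix}-{src}-{dport}",
                          action="block", proto="tcp", src=src, dport=str(dport))
    return ET.tostring(root, encoding="unicode")


# Constructed sample traffic: 10.0.0.5 sweeps 12 hosts on port 445, 10.0.0.7 is normal.
SAMPLE_FLOWS: List[Flow] = [("10.0.0.5", f"10.0.1.{i}", 445) for i in range(1, 13)]
SAMPLE_FLOWS += [("10.0.0.7", "10.0.1.1", 80), ("10.0.0.7", "10.0.1.2", 80)]


def cooperative_cycle(flows: List[Flow], max_targets: int = 10) -> List[str]:
    """Detector -> generic XML rule -> local enforcer commands; returns the commands."""
    flagged = detect_scanning_hosts(flows, max_targets)
    xml_text = rules_for_scanners(flagged)
    return [to_iptables(r) for r in parse_generic_rules(xml_text)]


if __name__ == "__main__":
    for cmd in cooperative_cycle(SAMPLE_FLOWS):
        print(cmd)
```

The point of the shared XML format is that the detector never needs to know which firewall product sits at each site: it emits one rule, and each node translates it locally (here into an iptables command). The validation in `parse_generic_rules` matters because that same channel is what a compromised or spoofed peer would use to push policy, so a node should accept only the actions it expects.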