ISP-operated protection of home networks with FIDRAN

A. Hess, G. Schafer
2003 International Symposium on VLSI Technology, Systems and Applications. Proceedings of Technical Papers. (IEEE Cat. No.03TH8672)  
In order to fight against the increasing number of network security incidents due to mal-protected home networks permanently connected to the Internet via DSL, TV cable or similar technologies, we propose that Internet Service Providers (ISP) operate and manage intrusion prevention systems (IPS) which are to a large extent executed on the consumer's gateway to the Internet (e.g. DSL router). This paper analyses the requirements of ISP-operated intrusion prevention systems and presents our approach of an IPS that runs on top of an active networking environment and is automatically configured by a vulnerability scanner. The system autonomously analyses the home network and correspondingly configures the IPS. Furthermore, our system detects and adjusts itself to changes in the home network (new service, new host, etc.). First performance comparisons show that our approach, while offering more flexibility and being able to support continuous updating by active networking principles, competes well with the performance of conventional intrusion prevention systems like Snort-Inline.
doi:10.1109/ccnc.2004.1286830 dblp:conf/ccnc/HessS04 fatcat:sm3aw5nisvhv3gwzdw3rhdw7iy