Ying Zheng

Abstract: This paper proposes a security transfer model founded on the active defense strategy. In the unit of security domains of dynamic overlaying routers, this model defines the intelligent agent/ management of network element together with the self-similar, hierarchical and distributed management structure. Furthermore, we use deceptive packets so that the attackers can not trace back to the encrypted data packets. Finally, according to the digested information from data packets, this model is capable of detecting attacks and tracing back to the attackers immediately. In the meantime, the overlaying routers in the security domain are dynamically administered. In summary, this model not only improves the se-curity of data transfer on the web, but also enhances the effectiveness of the network management and switching efficiency of routers as well.

Keywords: Active Defense, Digested Information, Routing Control, Deceptive Packets, Hierarchical Management

Cite this paper: nullY. Zheng, "A Security Transfer Model Based on Active Defense Strategy," Communications and Network, Vol. 2 No. 3, 2010, pp. 187-192. doi: 10.4236/cn.2010.23027.

References

[1]   Nagswara S. V Rao, et al. “NetLets: Measurement-based Routing Daemons for Low End-to-end Delays Over Networks,” Computer Communications Vol. 26, No. 8, 2003, pp. 834-844.

[2]   D. Nesset, “Factors Affecting Distributed System Security,” IEEE Transactions on Software Engineering, Vol. SE-13, No. 2, 1987, pp. 233-248.

[3]   Haixin Duan and Jianping Wu, “Entity Security Architect Structure in Computer Network,” Transactions on Computer, Vol. 24, No. 8, August 2001, pp. 147-155.

[4]   V Paxsion1 “End2to2end routing be-havior in the Internet1 IEEE/ACM Transaction on Net-working,” Vol. 5, No. 5, 1997, pp. 601-615.

[5]   Liotine Matthew, “Mission-critical Network Planning,” Artech House Inc., London, 2003.

[6]   S Muftic and M. Sloman, “Security Architecture for Distributed Systems,” Computer Communications, Vol. 17, No. 7, 1994, pp. 492-500.

[7]   D. Nesset. “Factors Affecting Distributed System Security,” IEEE Transaction on Software Engi-neering, Vol. 13, No. 2, 1987, pp. 233-247.

[8]   Joe “Touch Dynamic Internet Overlay Deployment and Management Using the X-Bone,” Computer Networks, Vol. 57, No. 5, 2001, PP. 117-135.

[9]   R Forder, The Future of Defense Analysis,” Journal of Defense Science, Vol. 2, No. 1, 2000, pp. 215-226.

[10]   Kimberly Hollo-man, “The Network Centric Operations Conceptual Framework,” Proceeding of Network Centric Warfare 2004 Conference, Washington, D. C., 2004, pp. 3-12.

[11]   A. S. Tannenbaum, “Computer Networks,” 4th Edition, Machine Press, Beijing, 2004.

[12]   D. Comer and D. Stevens, “Internetworking with TCP/IP, Volume II: Design Implementation and Internals,” 2nd Edition, Prentice Hall, New Jersey, 1994.

[13]   S. Giordano, M. Potts and M. Smirnov. “Advances in QoS,” IEEE Com-munications Magazine, Vol. 41, No. 1, 2003, pp. 137-141.

[14]   S. Kent and R. Atkinson, “IP Security for the Internet Protocol,” 1998. http://www.ietf.org/rfc/ rfc24011.txt

[15]   M. Leech, M. Ganis, Y. Lee, et al. “SOCKS protocol,” 1996. http://www.ietf.org/rfc/ rfc1928.txt

[16]   T. Dierks and C. Allen. “The TLS Pro-tocol,” 1999, http://www.ietf.org/rfc/ rfc2246.txt

[17]   F. Chung, “Reliable Software and Communication I: an Overview,” IEEE Journal on Selected Areas in Commu-nications, Vol. 12, No. 1, 1994, pp. 23-32.

[18]   B. Coan and D. Heyman. “Reliable Software and Communication III: Congestion Control and Network Reliability,” IEEE Journal on Selected Areas in Communications, Vol. 12, No. 1, 2002, pp. 40-45.

[19]   Elham Ghashghai and Ro-nald L. Rardin, Using a Hybrid of Exact and Genetic Al-gorithms to Design Survivable Networks, Computers and Operations Research, Vol. 29, No. 1, 2002, pp. 53-66.