SANA

SANA - Security Analysis in Internet Traffic

Abstract

Within the global framework of the information society, fast, reliable and safe data exchange between local and terrestrial wide-area computer networks has become a top priority problem. For securing a computer network, there are several different Intrusion Detection Systems (IDS) which run on a server and check each packet which is routed over this node. Unfortunately, these NIDS do not secure the other network nodes as well as they need plenty of computational power. Furthermore, there exist attacks that overload IDS so that the IDS cannot check each packet. Consequently, new approaches for network security are needed and these approaches should secure each network node, should share the computational power over all nodes, and should be adaptive in order to detect novel attacks as well.

In our research, the goal is to introduce a novel security system that has the following attributes:

• Distributed: secures all nodes
• Efficient: secures the resources of all nodes efficiently
• Fail-safe, reliable: the security system is hard to attack
• Adaptive: the whole system adapts to novel situations, e.g. novel intrusions
• Integrated: common used and novel approaches are combined
• Information management: sophisticated management of the distributed information

For the design of the security system, we use the artificial immune system as an archetype. The architecture, workflows, and techniques are motivated by the artificial immune system. It consist of an enormous number of artificial cells: these perform the tasks that are required in order to guarantee the security. The cells are highly specialised and the different tasks, e.g. detection and removing of an intrusion, is shared over several types of cells. The artificial cell communication facilitates cooperation and collaboration between artificial cells and enables complex workflows consisting of many cells. The self management of the system guarantees a certain amount of security and increases the performance of the overall system.
If you are interested in more information about this project, you can read the project pages or feel free to contact me. If you are interested in working together or cooperation, please feel free contact me.

Keywords

Network Security, Biological Inspired Computing, Artificial Immune System, Ant Colonies, Intrusion Detection System, Intrusion Detection, Anomaly Detection, Complex Adaptive System

More Information

• Small Summary SANA and Summary SANA and Executive Summary SANA
• Slides of Presentations
• SANA-Project in Detail - Information about the Research of this Project

Publications

• Publications in the Scope of SANA can be found here.
• Publications of the MINE-Group can be found here.

Project Association

• INTRA Wiki

Project Members, Contact Information

• Michael Hilker
• Christoph Schommer

"SANA" is mentioned on: Events | Michael Hilker | RD-07/08/09.11.2006 | Self-Management of an artificial Immune System