Network Management And Intrusion Detection For Quality of Network Services

Abstract

The explosive growth in worldwide communication via the Internet has increased the reliance oforganizations and individuals on the electronically transmitted information, which consequentlycreated rising demands to protect data from information leakage, corruption or alteration duringtransmission. Various security service requirements are demanded among different applications andcustomers with consideration of respective data sensitivity level, performance requirement andmonetary investment. It becomes important to provide end-to-end security service commitment tosatisfy the diverse customers needs. We expect the Quality of Protection (QoP) to fulfill end-to-endsecurity service commitment to be integrated within the emerging QoS networks to support secure QoSInternet service. For clarity, we call both of QoP and QoS 'Quality of Network Services' (QoNS).The security issues surrounding the QoNS (QoP and QoS) provisioning have been studied in my PhDresearch. The thesis is composed of two main parts, i.e. QoP security and QoS security. First, thepolicy issues of QoP security service are analyzed and automatic policy generation algorithms arepresented. Furthermore, a signaling protocol is designed to provide end-to-end security service for QoP. The protocol is designed to be secure to protect messages against possible forgery andmodification attacks. Second, the threats to the QoS signaling protocol RSVP are analyzed andcountermeasures are proposed. In addition, the intrusion detection methods for QoS attacks directly ondata flow are investigated and experimented.