Intelligent Firewall: Packet-based Recognition against Internet-scale Virus Attacks

I.S. Yoo and U. Ultes-Nitsche (UK)


Network Security, Internet-Scale Virus, Intelligent Firewall, Packet-Based Recognition, Packet-Based classification Engine, Smart Detection Engine.


We report in this paper on research in progress concerning the packet-based recognition against Internet scale viruses. This research is one part of the Janus project to build an Intelligent Firewall. A main purpose of this project is to integrate a packet-based classification engine and a smart detection engine into a firewall. The packet-based classification engine aims at classifying Internet-scale virus packets apart from normal packets using packet header and payload, and then the smart detection engine deals with stream of filtered packets from the classification engine which selected them as having a high probability of containing malicious content. To classify and detect malicious packets from normal packets, we surveyed statistics of current Internet-scale viruses and analyzed malicious packets. In this paper, we focus on Internet-scale virus recognition using data packets. In addition, we present current Internet-scale virus statistics, analysis of Internet-Scale Virus attacks, and why data packet detection is necessary. Finally, we introduce the concept of packet-based detection components in the Intelligent Firewall.

Important Links:

Go Back