Share Email Print

Proceedings Paper

Intrusion detection considerations for switched networks
Author(s): Thomas D. Tarman; Edward L. Witzke
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

Many private and public networks are based on network switching technologies. However, switched networks present a number of challenges to intrusion detection equipment. These challenges include limited visibility of network flows at the edges of the network, high-speed packet processing, and highly-aggregated flows in the core. In addition, switched networks typically implement protocols specific for Layer 2 functions, such as connection establishment and connection routing, which can be attacked to deny service to higher layer protocols and applications. Since these attacks cannot be detected by Internet Protocol intrusion detection equipment. Layer 2 intrusion detection is required. This paper describes an approach for performing intrusion monitoring in switched, Layer 2 networks, specifically, Asynchronous Transfer Mode networks.

Paper Details

Date Published: 21 February 2001
PDF: 8 pages
Proc. SPIE 4232, Enabling Technologies for Law Enforcement and Security, (21 February 2001); doi: 10.1117/12.417520
Show Author Affiliations
Thomas D. Tarman, Sandia National Labs. (United States)
Edward L. Witzke, Sandia National Labs. (United States)

Published in SPIE Proceedings Vol. 4232:
Enabling Technologies for Law Enforcement and Security
Simon K. Bramble; Lenny I. Rudin; Simon K. Bramble; Edward M. Carapezza; Lenny I. Rudin, Editor(s)

© SPIE. Terms of Use
Back to Top
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?