This article deals with the protection of home and enterprise users, and in particular of Critical Infrastructures (CIs), against attacks launched by terrorists or criminals. Threats and challenges in large-scale network protection are discussed, and the corresponding defense mechanisms are classified as defensive or offensive. One defensive and one offensive mechanism are described. The Early Detection, Alert and Response (eDare) framework is a defensive mechanism aimed at removing malware from NSPs' traffic. eDare employs powerful network traffic scanners to sanitize web traffic of known malware. The remaining traffic is monitored, and several types of algorithms are used to identify unknown malware. To augment the algorithms' judgments, experts' opinions are used to classify suspected malware files about which the algorithms are not decisive. Finally, collaborative feedback and tips from end-users are meshed into the identification process. The DENAT system is an offensive mechanism that uses Machine Learning algorithms to analyze traffic sent from organizations such as universities through Network Address Translators (NATs). The analysis associates users with the content of their traffic in order to identify access to terror-related websites.
IOS Press, Inc.