Title:
|
A DISTRIBUTED MODEL FOR INTRUSION DETECTION AND PREVENTION |
Author(s):
|
Mauro Migliardi, Gianluca Stringhini |
ISBN:
|
978-972-8924-93-5 |
Editors:
|
Pedro Isaías, Bebo White and Miguel Baptista Nunes |
Year:
|
2009 |
Edition:
|
2 |
Keywords:
|
Distributed intrusion detection and prevention. |
Type:
|
Short Paper |
First Page:
|
279 |
Last Page:
|
283 |
Language:
|
English |
Paper Abstract:
|
The proliferation of wideband connections, while opening the market to a wealth of new web-based applications, has also
provided a pervasive set of injection points for malicious network traffic. This fact has generated a new storm of network
attacks that every day generates a non-negligible amount of network traffic. Intrusion Detection Systems (IDS) aim at
preventing the delivery of malicious traffic to targeted systems, thus preventing damage at the end point of the attack;
however, they are positioned either on a single host or on very peripheral routers, and thus they do not provide any help in
reducing the amount of malicious traffic roaming the network. The sheer amount of traffic to be analyzed prevents any
attempt to move intrusion detection to core routers; however, Distributed Intrusion Detection Systems (DIDS) may
provide a solution. In past works DIDS have been envisioned as cooperative clusters of traditional IDS; in this paper we
present a novel methodology that allows distributing the computational load of intrusion detection over several nodes, thus
empowering the network itself with intrusion detection and prevention capabilities. |