Enhancing Collaborative Intrusion Detection Methods Using a Kademlia Overlay Network
Authors
Abstract
The two important problems of collaborative intrusion detection are aggregation and correlation of intrusion events. The enormous amount of data generated by detection probes requires significant network and computational capacity to be processed. In this article we show that a distributed hash table based approach can reduce both network and computational load of intrusion detection, while providing almost the same accuracy of detection as centralized solutions. The efficiency of data storage can be improved by selecting Kademlia as the underlying overlay network topology, as its routing can easily adapt to the dynamic properties of such an application.
Similar resources
CIMD – Collaborative Intrusion and Malware Detection
We present a cooperation scheme for distributed intrusion detection taking into account security-related properties of each individual participating node. This leads to a security overlay network named CIMD (Collaborative Intrusion and Malware Detection) enabling participants to state objectives for cooperation and find groups for the exchange of security-related data, like monitoring or detec...
Teamworking for Security: The Collaborative Approach
Collaborative methods are promising tools for solving complex security tasks. In this context, the authors present the security overlay framework CIMD (Collaborative Intrusion and Malware Detection), enabling participants to state objectives and interests for joint intrusion detection and find groups for the exchange of security-related data such as monitoring or detection results accordingly; ...
A New Method for Intrusion Detection Using Genetic Algorithm and Neural Network
The article attempts to use neural network and genetic algorithm techniques to present a model for classification on a dataset. The goal is to design a model that can act as a firewall in a network; with combined optimized algorithms, this model creates reliability and accuracy and reduces the error rate. Because of this, the article uses a feedback neural network and, compared to previous methods, increase a...
Distributed Intrusion Detection System Based on Mixed Cooperative and Non-Cooperative Game Theoretical Model
Intrusion Detection Systems (IDS) are systems to protect the network resources against the attacks. Considering the extent of the attacks in the internet environment and the change in the form and type of the attacks from the centralized to the distributed strategy, such systems also tend to move towards the distributed architecture. In this paper, a mobile agent based method working as suspici...
A New Method for Intrusion Detection Using Genetic Algorithm and Neural network
Abstract— In order to provide complete security in a computer system and to prevent intrusion, intrusion detection systems (IDS) are required to detect if an attacker crosses the firewall, antivirus, and other security devices. Data and options to deal with it. In this paper, we are trying to provide a model for combining types of attacks on public data using combined methods of genetic algorit...
Journal title:
Volume, issue
Pages -
Publication date 2012