Modeling requests among cooperating intrusion detection systems

Authors

  • Peng Ning
  • Xiaoyang Sean Wang
  • Sushil Jajodia
Abstract

It is important for intrusion detection systems (IDSs) to share information in order to discover attacks involving multiple sites. However, no framework exists for an IDS to request from and send to another IDS data relevant to specific events. The lack of such a framework may result in a waste of processing time, storage capacity and network bandwidth. This paper proposes a formal framework modeling requests among the cooperating IDSs. To show wide applicability, the paper explores the use of the formal approach in the Common Intrusion Detection Framework (CIDF), extending CIDF components to include a query facility.

Similar resources

Anomaly-based Web Attack Detection: The Application of Deep Neural Network Seq2Seq With Attention Mechanism

Today, the use of the Internet and Internet sites has been an integrated part of the people’s lives, and most activities and important data are in the Internet websites. Thus, attempts to intrude into these websites have grown exponentially. Intrusion detection systems (IDS) of web attacks are an approach to protect users. But, these systems are suffering from such drawbacks as low accuracy in ...

A Query Facility for Common Intrusion Detection Framework

It is essential for intrusion detection systems to share information in order to discover attacks involving multiple sites. Common Intrusion Detection Framework (CIDF) is an important step towards enabling different intrusion detection and response (IDR) components to interoperate with each other. Although CIDF provides an infrastructure and language support that allows an IDR component to under...

Requirements of Information Reductions for Cooperating Intrusion Detection Agents

We consider cooperating intrusion detection agents that limit the cooperation information flow with a focus on privacy and confidentiality. Generalizing our previous work on privacy respecting intrusion detection for centralized systems we propose an extended functional model for information reductions that is used for cooperation between intrusion detection agents. The reductions have the foll...

Attack Detection using Cooperating Autonomous Detection Systems (CATS)

Today’s communication networks are threatened by an increasing number of intrusion attempts, worms, and denial of service (DoS) attacks. Apart from general measures for attack prevention, the possibility to detect ongoing attacks in order to take appropriate countermeasures constitutes an important asset for network security. We present a novel approach for attack detection based on cooperating au...

A Distributed Intrusion Detection System Using Cooperating Agents

The current intrusion detection systems have a number of problems that limit their configurability, scalability and efficiency. There have been some propositions about distributed architectures based on multiple independent agents working collectively for intrusion detection. However, these distributed intrusion detection systems are not fully distributed as most of them centrally analyze data ...

Journal title:
  • Computer Communications

Volume 23  Issue 

Pages  -

Publication date 2000