Towards Survivable Intrusion Detection
Authors
Abstract
An intruder may target the ID scheme first in order to facilitate further malicious activities. For an intrusion-detection system that is operating in real time, an intruder could be exposed if they were simply to disable the IDS, a denial-of-service attack. A corrupted intrusion-detection system, however, might report erroneous information or fail to identify an attack. The consequences could be more serious if intrusion detection were conducted on a network-wide scale, as in the case of network surveillance demanded by system survivability. In such an environment, detection of coordinated attacks relies on information supplied by local intrusion-detection entities distributed across the network [10][13]. An attack targeting a selected set of intrusion-detection components could render the entire network intrusion-detection system ineffective.
Similar resources
Towards the Attack Signatures’ Comparison in Survivable Computer Networks
Survivability architecture and run-time attack detection can be successfully implemented based on attack signatures. In this paper, authors concentrate on profile signatures based on Markov models. They are represented by the frequency spectrum of the functionalities in the system. The difference between safe system signatures from attacked (monitored) system signatures indicates possible intru...
Building Survivable Systems: An Integrated Approach based on Intrusion Detection and Damage Containment
Reliance on networked information systems to support critical infrastructures prompts interest in making network information systems survivable, so that they continue functioning even when under attack. To build survivable systems, attacks must be detected and reacted to before they impact performance or functionality. Previous survivable systems research focussed primarily on detecting intrusi...
A Paper in Mobile Ad-hoc Networks about Maintaining its Survivability
In general, Security techniques pursue two defense lines: one preventive and the second one is reactive. The first one offers techniques to circumvent any type of Attack, as firewalls and cryptographic systems. The second consists in getting act on demand to lessen Intrusions, as Intrusion Detection systems. This paper observes Survivable approaches whose purpose is to facilitate networks to ...
Information Assurance
As society increasingly relies on digitally stored and accessed information, applications have increasingly higher requirements on supporting the availability, integrity, and confidentiality of this information. However, as the quantity and severity of cyber vulnerabilities and attacks continuously increase, traditional information security technologies are increasingly limited in satisfying th...
The DPASA Survivable JBI—A High-Water Mark in Intrusion-Tolerant Systems
In this paper, we describe the design, development, and validation of an information system that has recently set a new high-water mark for intrusion tolerance. The system, known as the DPASA Survivable JBI, conforms to an abstract architecture for survivable systems and integrates concrete defense mechanisms for preventing intrusion and for detecting and responding to intrusions that cannot be...