Interfacing Trusted Applications with Intrusion Detection Systems
نویسندگان
چکیده
In this paper we describe an interface between intrusion detection systems and trusted system components. The approach presented differs from conventional intrusion detection systems which are only loosely coupled to the components which they protect. We argue that a tighter coupling makes an IDS less vulnerable to desynchronization attacks, furnishes it with higher quality information and makes immediate and more fine grained responses feasible. Preliminary results show that this can be achieved through an external, nonspecific, voluntary reference monitor accessible to applications through a simple API. Reasonable performance can be maintained by moving most of the IDS functionality into the context of the trusted application.
منابع مشابه
Wireless Intrusion Detection System Wikipedia
Wireless Intrusion Detection System. 1*. Keith Chettiar, 2Akshay Patil, 3Arpita Pradhan and 4 Ms. Sushama Khanvilkar. 1*, 2, 3, 4 Computer Department, Xavier. Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work with any wireless card which supports raw. NCSA Wiki these zones is monitored by a Network Intrusion Detection System ...
متن کاملA hybrid approach for database intrusion detection at transaction and inter-transaction levels
Nowadays, information plays an important role in organizations. Sensitive information is often stored in databases. Traditional mechanisms such as encryption, access control, and authentication cannot provide a high level of confidence. Therefore, the existence of Intrusion Detection Systems in databases is necessary. In this paper, we propose an intrusion detection system for detecting attacks...
متن کاملSelf-protected Mobile Agent Approach for Distributed Intrusion Detection System against DDoS Attacks
With the growing Information Systems and Network technologies, security threats over the systems have also become common. Providing a security mechanism to detect such threats has become an inevitable part of Information Systems. Distributed Denial of Service (DDoS) attack is one of the most common attacks which are done in a co-ordinated manner. Hence, we need a Distributed Intrusion Detection...
متن کاملA Lightweight Intrusion Detection System Based on Specifications to Improve Security in Wireless Sensor Networks
Due to the prevalence of Wireless Sensor Networks (WSNs) in the many mission-critical applications such as military areas, security has been considered as one of the essential parameters in Quality of Service (QoS), and Intrusion Detection System (IDS) is considered as a fundamental requirement for security in these networks. This paper presents a lightweight Intrusion Detection System to prote...
متن کاملA New Method for Intrusion Detection Using Genetic Algorithm and Neural network
Abstract— In order to provide complete security in a computer system and to prevent intrusion, intrusion detection systems (IDS) are required to detect if an attacker crosses the firewall, antivirus, and other security devices. Data and options to deal with it. In this paper, we are trying to provide a model for combining types of attacks on public data using combined methods of genetic algorit...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2001