A system for distributed intrusion detection

Snapp, S.R.; Brentano, J.; Dias, Gihan; Goan, Terrance; Grance, Tim; Heberlein, L. Todd; Ho, Che-Lin; Levitt, Karl N.; Mukherjee, Biswanath; Mansur, Doug; Pon, K.L.; Smaha, Stephen E.

doi:10.1109/cmpcon.1991.128802

Cited by 46 publications

(36 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…These problems make the area of IDS an attractive and open research field. In recent years, researchers have investigated a variety of different computational tools to improve IDS performance and overcome some of its limitations, such as Soft Computing (SC) techniques [2], [3], [4], distributed systems [5], [6], [7], and autonomous agents (AA) [8], [9]. Still, a lot more needs to be done to deal with new technologies and tools developed by intruders to break the systems.…”

Section: C) Availabilitymentioning

confidence: 99%

“…Early systems included dIDS [5], NADIR (Network Anomaly Detector and Intrusion Reporter) [14], CSM (Cooperative Security Managers) [19], EMERALD (Event Monitoring Enabling Response to Anomalous Live Disturbances) [20], AAFID (Autonomous Agents for Intrusion Detection) [8], CIDF (Common Intrusion Detection Framework) [21] and MAIDS (Mobile Agent Intrusion Detection System) [22]. The rest of this section briefly introduces some of these projects.…”

Section: Distributed Idsmentioning

confidence: 99%

See 1 more Smart Citation

An Approach for Collaborative Decision in Distributed Intrusion Detection System

Sharma¹,

Singh²

2016

IJCA

View full text Add to dashboard Cite

Computers have virtually changed every aspect of our life. The rapid growth in the development of computers was focused on making the computer easy to use for all. The rapid growth did not give as much importance on the security of the computer system thereby leaving system as vulnerable to attacks. As internet and its applications are increasing, complex and hybrid networks are being used for communication. So many loopholes are being explored to intrude into other systems. There are many tools and techniques available for securing networks like Firewalls, IDS etc. and until now they are used very frequently by nearly all the organizations to safeguard information and other critical data but these are not sufficient for implementing complete security because the intruders have become smarter.Higher security being the priority of many organizations has led to the importance and promoting active research on efficient Intrusion Detection Systems. To deal with various types of attacks we need to have information of attacks from other sources as well. This can be done by sharing intrusion information with all. As hackers are becoming more intelligent we need to have collaborative decision making system where intrusion activity is decided by knowing other's opinion as well. We have proposed an approach to enhance the collaborative decision making by conducting polls between registered intrusion detection systems in the network. Intrusion activity for new packets and false positives is decided based on all opinions gathered from registered intrusion detection systems.

show abstract

Section: C) Availabilitymentioning

confidence: 99%

Section: Distributed Idsmentioning

confidence: 99%

An Approach for Collaborative Decision in Distributed Intrusion Detection System

Sharma¹,

Singh²

2016

IJCA

View full text Add to dashboard Cite

show abstract

“…In centralised systems, such as DIDS [22], DShield [23] and NSTAT [24], each sensor shares alerts with a central correlation unit. Hierarchical approaches, e.g., GrIDS [25], EMERALD [26] and DSOC [27], attempt to address the scalability issues of centralised approaches by organising detection units into a tree-like topology.…”

Section: Related Workmentioning

confidence: 99%

Trustworthy placements: Improving quality and resilience in collaborative attack detection

et al. 2014

View full text Add to dashboard Cite

In distributed and collaborative attack detection systems decisions are made on the basis of the events reported by many sensors, e.g., Intrusion Detection Systems placed across various network locations. In some cases such events originate at locations over which we have little control, for example because they belong to an organisation that shares information with us. Blindly accepting such reports as real encompasses several risks, as sensors might be dishonest, unreliable or simply compromised. In these situations trust plays an important role in deciding whether alerts should be believed or not. In this work we present an approach to maximise the quality of the information gathered in such systems and the resilience against dishonest behaviours. We introduce the notion of trust diversity amongst sensors and argue that detection configurations with such a property perform much better in many respects. Using reputation as a proxy for trust, we introduce an adaptive scheme to dynamically reconfigure the network of detection sensors. Experiments confirm an overall increase both in detection quality and resilience against compromise and misbehaviour.

show abstract

“…Distributed Intrusion Detection System (DIDS) was developed by University of California, Davis (Snapp et al, 1991). This system focuses on extending the intrusion detection from single segment of network to arbitrary large networks.…”

Section: Distributed Intrusion Detection Systemsmentioning

confidence: 99%

Towards the automatic generation of mobile agents for distributed intrusion detection system

Wang

Behera

Wong

et al. 2006

Journal of Systems and Software

View full text Add to dashboard Cite

A system for distributed intrusion detection

Abstract: Thisis a preprinloi:a paperintendedfor publicationin a journalor proceedings. Since changesmay be madebefore publication,this preprint is madeavailablewith the understandin 8 thai it will not becited or reproducedwithout the permissionof the author.

Cited by 46 publications

References 6 publications

An Approach for Collaborative Decision in Distributed Intrusion Detection System

An Approach for Collaborative Decision in Distributed Intrusion Detection System

Trustworthy placements: Improving quality and resilience in collaborative attack detection

Towards the automatic generation of mobile agents for distributed intrusion detection system

Contact Info

Product

Resources

About