Enhancing Collaborative Intrusion Detection Methods Using a Kademlia Overlay Network

Authors: Zoltán Czirkos, Gábor Hosszú

DOI: 10.1007/978-3-642-32808-4_6

Abstract: The two important problems of collaborative intrusion detection are aggregation and correlation of events. The enormous amount of data generated by probes requires significant network and computational capacity to be processed. In this article we show that a distributed hash table based approach can reduce both the network and the computational load of detection, while providing almost the same accuracy as centralized solutions. The efficiency of storage is improved by selecting Kademlia as the underlying overlay topology, as its routing can easily adapt to the dynamic properties of such an application.
