A Model based on Parallel Intrusion Detection Systems for High Speed Networking Security
作者: Sourour Meharouech , Adel Bouhoula , Tarek Abbes
DOI: 10.1007/978-1-4020-6270-4_40
关键词:
摘要: During this time when the Internet provides essential communication between an infinite numbers of people and is being increasingly used as a tool for commerce, security becomes tremendously important issue to deal with. It also note that, recently, intrusion detection systems (IDS) have been unable provide effective mechanism defending high speed networks. Existing networks (NIDS) can barely keep up with bandwidths some hundred Mbps whereas, nowadays, network presses forward 10 Gbps. So in order protect networks, we propose new approach aiming at accelerating operation. The based on three main steps: traffic classification, load balancing availability mechanism. This paper describes above mentioned approaches presents experimental evaluation their effectiveness
springer.com
sci-hub.st 参考文章(10)
Mike Fisk, George Varghese, Fast Content-Based Packet Handling for Intrusion Detection University of California at San Diego. ,(2001) , 10.21236/ADA406413
R. Power, CSI/FBI computer crime and security survey Computer Security Journal. ,vol. 17, pp. 20- 51 ,(2001)
Lambert Schaelicke, Thomas Slabach, Branden Moore, Curt Freeland, Characterizing the Performance of Network Intrusion Detection Sensors recent advances in intrusion detection. pp. 155- 172 ,(2003) , 10.1007/978-3-540-45248-5_9
Martin Roesch, Snort - Lightweight Intrusion Detection for Networks usenix large installation systems administration conference. pp. 229- 238 ,(1999)
R. Sekar, Y. Guang, S. Verma, T. Shanbhag, A high-performance network intrusion detection system computer and communications security. pp. 8- 17 ,(1999) , 10.1145/319709.319712
Wu Yang, Bin-Xing Fang, Bo Liu, Hong-Li Zhang, Intrusion detection system for high-speed network Computer Communications. ,vol. 27, pp. 1288- 1294 ,(2004) , 10.1016/J.COMCOM.2004.03.001
C.J. Coit, S. Staniford, J. McAlerney, Towards faster string matching for intrusion detection or exceeding the speed of Snort darpa information survivability conference and exposition. ,vol. 1, pp. 367- 373 ,(2001) , 10.1109/DISCEX.2001.932231
I. Charitakis, K. Anagnostakis, E. Markatos, An active traffic splitter architecture for intrusion detection 11th IEEE/ACM International Symposium on Modeling, Analysis and Simulation of Computer Telecommunications Systems, 2003. MASCOTS 2003.. pp. 238- 241 ,(2003) , 10.1109/MASCOT.2003.1240665
C. Kruegel, F. Valeur, G. Vigna, R. Kemmerer, Stateful intrusion detection for high-speed network's ieee symposium on security and privacy. pp. 285- 293 ,(2002) , 10.1109/SECPRI.2002.1004378
Craig H. Rowland, Intrusion detection system ,(1999)