A SCHEME FOR THE DESIGN AND IMPLEMENTATION OF A DISTRIBUTED IDS

被引:0
|
作者
Chandradeep, K. B. [1 ]
机构
[1] IIT, Dept Ctr Educ Technol, Kharagpur, W Bengal, India
来源
2009 FIRST INTERNATIONAL CONFERENCE ON NETWORKS & COMMUNICATIONS (NETCOM 2009) | 2009年
关键词
Distributed intrusion detection system; distributed object application; intrusion detection; packet filtering;
D O I
10.1109/NetCoM.2009.49
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
This paper proposes a scheme for the design and implementation of a new security architecture for protecting exposed intranets or groups of computers in a network from malicious attacks. The proposed scheme presents an approach of building a distributed intrusion detection system for a network by using the network based intrusion detection system sensors at several places in the network and then communicating the alert information generated by the network intrusion detection system sensors to all the hosts present in the network for a dynamic policy update. The dynamic policy is updated using the iptables for linux hosts and for windows hosts the policy update is carried out using a new windows firewall application that has been developed.
引用
收藏
页码:265 / 270
页数:6
相关论文
共 50 条
  • [1] Design and Implementation of A Distributed IDS Alert Aggregation Model
    Guo Fan
    Ye Jihua
    Yu Min
    [J]. ICCSSE 2009: PROCEEDINGS OF 2009 4TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE & EDUCATION, 2009, : 975 - 980
  • [2] Design and Implementation of an Immune Algorithm for IDS
    Yao Xing
    Lu Jiaxing
    Guo Fan
    Yu Min
    [J]. PROCEEDINGS OF 2010 INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY AND INDUSTRIAL ENGINEERING, VOLS I AND II, 2010, : 1054 - 1059
  • [3] The design and implementation of session-based IDS
    Mizutani, M
    Shirahata, S
    Minami, M
    Murai, J
    [J]. ELECTRONICS AND COMMUNICATIONS IN JAPAN PART I-COMMUNICATIONS, 2006, 89 (03): : 46 - 58
  • [4] Design and Implementation of a Metadata Management Scheme for Large Distributed File Systems
    Yun, Jong Hyeon
    Park, Yong Hun
    Seo, Dong Min
    Lee, Seok Jae
    Yoo, Jae Soo
    [J]. IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2009, E92D (07): : 1475 - 1478
  • [5] A distributed energy-efficient clustering scheme for deploying IDS in MANETs
    Yuna Kim
    Ki-Young Jung
    Tae-Hyung Kim
    Jong Kim
    [J]. Telecommunication Systems, 2013, 52 : 85 - 96
  • [6] A distributed energy-efficient clustering scheme for deploying IDS in MANETs
    Kim, Yuna
    Jung, Ki-Young
    Kim, Tae-Hyung
    Kim, Jong
    [J]. TELECOMMUNICATION SYSTEMS, 2013, 52 (01) : 85 - 96
  • [7] Analysis, design and implementation of IDS using data mining
    Patel, B. V.
    Meshram, B. B.
    [J]. WEBIST 2008: PROCEEDINGS OF THE FOURTH INTERNATIONAL CONFERENCE ON WEB INFORMATION SYSTEMS AND TECHNOLOGIES, VOL 1, 2008, : 81 - +
  • [8] The Design and Implementation of the IDS Catalogue Data Archive System
    Li Jingang
    Liu Shibin
    Liu Wei
    [J]. INSTRUMENTATION, MEASUREMENT, CIRCUITS AND SYSTEMS, 2012, 127 : 837 - 844
  • [9] Design and implementation of semantic caching coherency control scheme toward distributed environment
    Wan, H
    Li, L
    [J]. ADVANCED PARALLEL PROCESSING TECHNOLOGIES, PROCEEDINGS, 2005, 3756 : 41 - 51
  • [10] Design and implementation of detection engine against IDS evasion with unicode
    Kang, DH
    Oh, JT
    Kim, KY
    Jang, JS
    [J]. CURRENT TRENDS IN HIGH PERFORMANCE COMPUTING AND ITS APPLICATIONS, PROCEEDINGS, 2005, : 333 - 337
12345