An efficient architecture for distributed intrusion detection system

Z. Hakimi, K. Faez, M. Barati
DOI: 10.1109/ISCISC.2013.6767356 (https://doi.org/10.1109/ISCISC.2013.6767356)
Published in: 2013 10th International ISC Conference on Information Security and Cryptology (ISCISC)
Publication date: 2013-08-01
Citations: 2

Abstract

Due to the increasing number of network attacks, it is crucial to equip networks with an intrusion detection system (IDS). These systems must be able to deal with today's high-speed, large-scale networks. In this paper we propose a distributed IDS that performs both data capture and data analysis in a distributed fashion. This distributed mechanism enables our system to operate effectively within large-scale, high-traffic-rate networks. We developed a grouping mechanism which divides the computers in the network into subsets, each with a leader and a few members. Subsequently, using a data sharing mechanism, we were able to detect distributed attacks. Our data sharing mechanism adds an overhead to the network traffic which is negligible compared to the overall network traffic. We simulated our method in the NS2 simulation environment. We then compared our proposed system with a centralized IDS in terms of detection rate, memory usage and packet loss rate. Results showed that our system's performance was better despite some extra load imposed by the distribution of data processing.