The proliferation of wideband connections while opening the market to a wealth of new web based applications has also provided a pervasive set of injection points for malicious network traffic. This fact has generated a new storm of network attacks that every day generates a non negligible amount of network traffic. Intrusion Detection Systems (IDS) aim at preventing the delivery of malicious traffic to targeted systems thus preventing damage at the end point of the attack, however they are positioned either on a single host or on very peripheral routers, thus they do not provide any help in reducing the amount of malicious traffic roaming the network. The sheer amount of traffic to be analyzed prevents any attempt to move intrusion detection to core routers, however Distributed Intrusion Detection Systems (DIDS) may provide a solution. In past works DIDS have been envisioned as cooperative clusters of traditional IDS, in this paper we present a novel methodology that allows distributing the computational load of intrusion detection on several nodes thus allowing to empower the network itself of intrusion detection and prevention capabilities.
Travelling Information For Intrusion Prevention Systems
MIGLIARDI, MAURO;
2010
Abstract
The proliferation of wideband connections while opening the market to a wealth of new web based applications has also provided a pervasive set of injection points for malicious network traffic. This fact has generated a new storm of network attacks that every day generates a non negligible amount of network traffic. Intrusion Detection Systems (IDS) aim at preventing the delivery of malicious traffic to targeted systems thus preventing damage at the end point of the attack, however they are positioned either on a single host or on very peripheral routers, thus they do not provide any help in reducing the amount of malicious traffic roaming the network. The sheer amount of traffic to be analyzed prevents any attempt to move intrusion detection to core routers, however Distributed Intrusion Detection Systems (DIDS) may provide a solution. In past works DIDS have been envisioned as cooperative clusters of traditional IDS, in this paper we present a novel methodology that allows distributing the computational load of intrusion detection on several nodes thus allowing to empower the network itself of intrusion detection and prevention capabilities.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.