CIDS: An agent-based intrusion detection system
نویسندگان
چکیده
The paper describes security agent architecture, called CIDS, which is useful as an administrative tool for intrusion detection. Specifically, it is an agent-based monitoring and detection system, which is developed to detect malfunctions, faults, abnormalities, misuse, deviations, intrusions, and provide recommendations (in the form of common intrusion detection language). The CIDS can simultaneously monitor networked-computer activities at multiple levels (user to packet level) in order to find correlation among the deviated values (from the normal or defined policy) to determine specific security violations. The current version of CIDS (CIDS 1.4) is tested with different simulated attacks in an isolated network, and some of those results are reported here.
منابع مشابه
Collaborative Intrusion Detection System (CIDS): A Framework for Accurate and Efficient IDS
In this paper, we present the design and implementation of a Collaborative Intrusion Detection System (CIDS) for accurate and efficient intrusion detection in a distributed system. CIDS employs multiple specialized detectors at the different layers – network, kernel and application – and a manager based framework for aggregating the alarms from the different detectors to provide a combined alar...
متن کاملCollaborative Intrusion Detection System (CIDS): A Framework for Accurate and Efficient IDS
In this paper, we present the design and implementation of a Collaborative Intrusion Detection System (CIDS) for accurate and efficient intrusion detection in a distributed system. CIDS employs multiple specialized detectors at the different layers – network, kernel and application – and a manager based framework for aggregating the alarms from the different detectors to provide a combined alar...
متن کاملA survey of coordinated attacks and collaborative intrusion detection
Coordinated attacks, such as large-scale stealthy scans, worm outbreaks and distributed denial-of-service (DDoS) attacks, occur in multiple networks simultaneously. Such attacks are extremely difficult to detect using isolated intrusion detection systems (IDSs) that monitor only a limited portion of the Internet. In this paper, we summarize the current research directions in detecting such atta...
متن کاملFingerprinting Electronic Control Units for Vehicle Intrusion Detection
As more software modules and external interfaces are getting added on vehicles, new attacks and vulnerabilities are emerging. Researchers have demonstrated how to compromise in-vehicle Electronic Control Units (ECUs) and control the vehicle maneuver. To counter these vulnerabilities, various types of defense mechanisms have been proposed, but they have not been able to meet the need of strong p...
متن کاملCollaborative Intrusion Detection Framework: Characteristics, Adversarial Opportunities and Countermeasures
Complex Internet attacks may come from multiple sources, and target multiple networks and technologies. Nevertheless, Collaborative Intrusion Detection Systems (CIDS) emerges as a promising solution by using information frommultiple sources to gain a better understanding of objective and impact of complex Internet attacks. CIDS also help to cope with classical problems of Intrusion Detection Sy...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Computers & Security
دوره 24 شماره
صفحات -
تاریخ انتشار 2005