NIC-based intrusion detection: A feasibility study
نویسندگان
چکیده
We present and evaluate a NIC-based network intrusion detection system. Functions such as signature-based and anomaly-based packet classification are performed on the NIC, which has its own processor and memory. This makes the system virtually impossible to bypass or tamper with as can be the case with software-based systems that rely on the host operating system to function. We empirically evaluate such systems from the perspective of quality and performance (bandwidth of acceptable messages) under varying conditions of host load. The preliminary results we obtain are very encouraging and lead us to believe that such NIC-based security schemes could very well be a crucial part of next generation network security systems.
منابع مشابه
A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks
By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...
متن کاملA Review of Intrusion Detection Defense Solutions Based on Software Defined Network
Most networks without fixed infrastructure are based on cloud computing face various challenges. In recent years, different methods have been used to distribute software defined network to address these challenges. This technology, while having many capabilities, faces some vulnerabilities in the face of some common threats and destructive factors such as distributed Denial of Service. A review...
متن کاملA Study in the Feasibility of Performing Host-Based Anomaly Detection on Windows NT
Windows NT has become the dominant desktop platform. To date, host-based intrusion detection research has focused on Unixavored platforms. As a result, we have a large gap between the platform people use in practice and the platforms on which intrusion detection research is active. In this paper, we examine the feasibility of applying host-based intrusion detection to the Windows NT platform. S...
متن کاملA Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
متن کاملA Lightweight Intrusion Detection System Based on Specifications to Improve Security in Wireless Sensor Networks
Due to the prevalence of Wireless Sensor Networks (WSNs) in the many mission-critical applications such as military areas, security has been considered as one of the essential parameters in Quality of Service (QoS), and Intrusion Detection System (IDS) is considered as a fundamental requirement for security in these networks. This paper presents a lightweight Intrusion Detection System to prote...
متن کامل