A Cooperative Intrusion Detection Model Based on Granular Computing and Agent Technologies
Author
Abstract
This paper initially analyzes the methods of four attack types, including Probing, DoS (Denial of Service), R2L (Remote to Local) and U2R (User to Root). It then categorizes attacks into four cases which are, respectively, one host-one host, one host-many hosts, many hosts-one host and many hosts-many hosts. Categorization is based on the source and destination addresses of network packets. Granular computing methodology is then applied to intrusion detection. With the support of the granular computing methodology and agent technologies, a cooperative intrusion detection model is proposed. Furthermore, the construction for an intrusion detection agent is presented. Finally, experiments are conducted. Results indicate that the proposed method can detect slow scanning attacks which cannot be detected by a traditional scanning detector.
Similar resources
Assessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
Presenting a Model for Using Mobile Agents in Distributed Intrusion Detection Systems Based on Game Theory
The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors between an attacker and intrusion detection agent within a non-cooperative game, and then the security risk value is derived from the mixed strategy Nash equilibrium. The second scheme uses the security risk value...
Evaluation of an Intrusion Detection System for Routing Attacks in Wireless Self-organised Networks
Wireless Sensor Networks (WSNs) are becoming increasingly popular, and very useful in military applications and environmental monitoring. However, security is a major challenge for WSNs because they are usually set up in unprotected environments. Our goal in this study is to simulate an Intrusion Detection System (IDS) that monitors the WSN and reports intrusions accurately and effectively. We have thus...
A Review of Intrusion Detection Defense Solutions Based on Software Defined Network
Most networks without fixed infrastructure that are based on cloud computing face various challenges. In recent years, different methods have been used to distribute software defined network to address these challenges. This technology, while having many capabilities, faces some vulnerabilities in the face of some common threats and destructive factors such as distributed Denial of Service. A review...
Distributed Intrusion Detection System Based on Mixed Cooperative and Non-Cooperative Game Theoretical Model
Intrusion Detection Systems (IDS) are systems to protect the network resources against the attacks. Considering the extent of the attacks in the internet environment and the change in the form and type of the attacks from the centralized to the distributed strategy, such systems also tend to move towards the distributed architecture. In this paper, a mobile agent based method working as suspici...
Journal title:
Volume, issue
Pages -
Publication date 2015