A Layered Framework for Placement of Distributed Intrusion Detection Devices
Author
Abstract
Network-based distributed intrusion detection is a common trend in several commercial intrusion detection systems. However, network-based intrusion detection requires that a security officer comprehend the dynamic and non-deterministic nature of data traffic across the network. This paper provides security officers with a brief introduction to intrusion detection techniques and classifications. The paper then proposes a framework for placement of distributed intrusion detection devices along its four layers: the network perimeter, the high sensitivity network components, the location of data and applications, and traffic analysis. The following sections will discuss intrusion detection and the proposed layered approach in greater detail.
Similar resources
A Hybrid Framework for Building an Efficient Incremental Intrusion Detection System
In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...
Proposing A Distributed Model For Intrusion Detection In Mobile Ad-Hoc Network Using Neural Fuzzy Interface
Security term in mobile ad hoc networks has several aspects because of the special specification of these networks. In this paper a distributed architecture was proposed in which each node performed intrusion detection based on its own and its neighbors’ data. Fuzzy-neural interface was used that is the composition of learning ability of neural network and fuzzy Ratiocination of fuzzy system as...
Automatic Verification of Distributed and Layered Security Policy Implementations
Access control has long been the linchpin of intrusion prevention. Modern networked systems that are intended to be secure have a global policy, usually implicit, that specifies the overall system-level objectives with respect to access to various resources. The policy indicates both what is inadmissible, so that the intrusion attempts from within and without the network may be prevented, and w...
Moving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...