Implementing the Intrusion Detection Exchange Protocol
Authors
Abstract
We describe the goals of the IETF’s Intrusion Detection Working Group (IDWG) and the requirements for a transport protocol to communicate among intrusion detection systems. We then describe the design and implementation of IAP, the first attempt at such a protocol. After a discussion of IAP’s limitations, we discuss BEEP, a new IETF general framework for application protocols. We then describe the Intrusion Detection Exchange Protocol (IDXP), a transport protocol designed and implemented within the BEEP framework that fulfills the IDWG requirements for its transport protocol. We conclude by discussing probable future directions for this ongoing effort.
Similar resources
DEMEM: Distributed Evidence-Driven Message Exchange Intrusion Detection Model for MANET
A Mobile Ad Hoc Network (MANET) is a distributed communication platform for mobile wireless nodes. Because of the lack of a centralized monitoring point, intrusion detection systems (IDS) for MANET are usually developed using a distributed architecture where detectors are deployed at each node to cooperatively detect attacks. However, most of these distributed IDS simply assume that each detect...
Enabling Intrusion Detection in Ipsec Protected Ipv6 Networks through Secret-key Sharing Thesis
As the Internet Protocol version 6 (IPv6) implementation becomes more widespread, the IP Security (IPSec) features embedded into the next-generation protocol will become more accessible than ever. Though the network-layer encryption provided by IPSec is a boon to data security, its use renders standard network intrusion detection systems (NIDS) useless. The problem of performing intrusion detec...
Experiences Implementing a Common Format for IDS Alerts
Intrusion detection is an area of increasing concern in the Internet community. In response to this, many automated intrusion detection systems (IDS) have been developed, e.g., commercial (Real Secure) and public domain (SNORT). However, there is no standardized way for IDS to communicate with each other or to a common manager. To remedy this, the Intrusion Detection Working Group (IDWG) was ch...
Intrusion Detection on Cloud Applications
Cloud computing has grown from being a promising business concept to one of the fastest growing segments of the IT industry. So, cloud environment always remains vulnerable to attacks. The framework serves as an excellent platform for making cloud services intrusion tolerant. The feasibility of the framework has been tested by making cloud’s Infrastructure as a Service (IaaS) and Data Storage S...
Distributed Intrusion Detection Models for Mobile Ad Hoc Networks
A mobile ad hoc network (MANET) is a mobile mesh network in which mobile wireless nodes are both hosts and routers so they can communicate without base stations. Because of this cooperative routing capability, MANETs have been envisioned for military and emergency communication, but become more vulnerable to routing attacks than wired networks. If a malicious node propagates forged routing informati...