A Denial of Service Resistant Intrusion Dection Architecture
نویسندگان
چکیده
As the capabilities of intrusion detection systems (IDSs) advance, attackers may disable organizations’ IDSs before attempting to penetrate more valuable targets. To counter this threat, we present an IDS architecture that is resistant to denial-of-service attacks. The architecture frustrates attackers by making IDS components invisible to attackers’ normal means of “seeing” in a network. Upon a successful attack, the architecture allows IDS components to relocate from attacked hosts to operational hosts thereby mitigating the attack. These capabilities are obtained by using mobile agent technology, utilizing network topology features, and by restricting the communication allowed between different types of IDS components.
منابع مشابه
A denial-of-service resistant intrusion detection architecture
As the capabilities of intrusion detection systems (IDSs) advance, attackers may disable organizations’ IDSs before attempting to penetrate more valuable targets. To counter this threat, we present an IDS architecture that is resistant to denial-of-service attacks. The architecture frustrates attackers by making IDS components invisible to attackers’ normal means of “seeing” in a network. Upon ...
متن کاملA Review of Intrusion Detection Defense Solutions Based on Software Defined Network
Most networks without fixed infrastructure are based on cloud computing face various challenges. In recent years, different methods have been used to distribute software defined network to address these challenges. This technology, while having many capabilities, faces some vulnerabilities in the face of some common threats and destructive factors such as distributed Denial of Service. A review...
متن کاملDenial of service attack in the Internet: agent-based intrusion detection and reaction
This paper deals with denial of service attack. Overview of the existing attacks and methods is proposed. Classification scheme is presented for a different denial of service attacks. There is considered agent-based intrusion detection systems architecture. Considered main components and working principles for a systems of such kind.
متن کاملDetecting Denial of Service Message Flooding Attacks in SIP based Services
Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol (SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation deficiencies cause some security concerns in SIP based infra...
متن کاملDetecting Denial of Service using BENEF Model: An Alternative Approach
Computer security is a seriously concern topic for both computer system and networking. To handle various intrusive actions, an intrusion detection system can be used for detecting and countermeasuring the computer attacks. In this paper, we propose a BENEF model of network-based intrusion detection to detect Denial-of-Service (DoS) attack. This model relies on significant parameters of anomalo...
متن کامل