Sciweavers

Share
CN
1999

A large scale distributed intrusion detection framework based on attack strategy analysis

8 years 7 months ago
A large scale distributed intrusion detection framework based on attack strategy analysis
To appropriately address the problem of large-scale distributed intrusion assessment/detection, issues such as information exchange, work division and coordination amongst various Intrusion Detection Systems (IDS) must be addressed. An approach based on autonomous local IDS agents performing event processing coupled with cooperative global problem resolution is preferred. However, it is not clear how autonomous the local IDS agents should be and what constitutes the theme that drives multiple IDS to work together. We believe that focusing on the intruder's intent (attack strategy) provides the theme that drives how various IDS components work together. Analysis on attack strategy also provides an opportunity to perform pro-active look ahead adaptive auditing. This paper presents a high-level conceptual architecture view for such an approach. The Battleground Management Analogy Today's large-scale distributed intrusion detection (ID) shares many common traits and challenges w...
Ming-Yuh Huang, Robert J. Jasper, Thomas M. Wicks
Added 22 Dec 2010
Updated 22 Dec 2010
Type Journal
Year 1999
Where CN
Authors Ming-Yuh Huang, Robert J. Jasper, Thomas M. Wicks
Comments (0)
books