System Maintenance:
There may be intermittent impact on performance while updates are in progress. We apologize for the inconvenience.
By Topic

Issue of Event Sequence in time of Distributed Intrusion Detection System

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Lin Guoyuan ; Nanjing Univ., Nanjing ; Huang Hao ; Cao Tianjie

Distributed intrusion detection system (DIDS) is one of important devices for information security. In this field, how to improve detection rate is one of key issues. In this paper, the importance of event sequence in time is presented. Then, we discuss three factors, i.e. timestamp precision, time synchronization and network delay, which effect detection rate on the view of event sequence in time. On the three aspects, timestamp precision is the key to keep internal event sequence, time synchronization is the base of correcting event sequence among computers, and that network delay makes time-series analysis not true. Accordingly, we address some methods, i.e. raising timestamp precision, active self- adapting time synchronization algorithm and state turnabout mechanism. Experiments indicate that anyone of three measures can elevate detection performance to a certain extent. If they all are adopted, better detection results are revealed.

Published in:

Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on

Date of Conference:

18-21 Sept. 2007