Skip to Main Content
Intrusion detection systems (IDSs) have been substantially improved in recent past. However, network attacks have become more sophisticated and increasingly complex: many of current attacks are coordinated and originated in multiple networks. To detect these attacks, IDSs need to obtain information on network events from multiple networks or administrative domains. This work demonstrates that a Distributed IDS (DIDS) can be composed of existing IDSs, improving the detection of misuses in a multiple network environment. We use a grid middleware for creating a service-based intrusion detection grid. We demonstrate through experimental results that the proposed DIDS allows the integration of heterogeneous existing IDSs and improves the detection of attacks by exploring the synergy between existing IDSs.