By Topic

A framework for large-scale simulation of collaborative intrusion detection systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Fisch, D. ; Inst. of Comput. Archit., Univ. of Passau, Passau ; Hofmann, A. ; Hornik, V. ; Dedinski, I.
more authors

Distributed intrusion detection and prevention play an increasingly important role in securing computer networks. In a distributed intrusion detection system, information about the current situation and knowledge about attacks are exchanged, aggregated, fused, and correlated in a cooperative manner to overcome the limitations of conventional centralized intrusion detection systems. However, this distributed approach introduces new challenges such as self-organization and efficient communication techniques. In this paper we propose a novel framework for developing, simulating, and deploying a distributed intrusion detection system that consists of several collaborating agents. The framework provides a programming interface and comprises all essential communication and synchronization methods that enables self-organized collaboration in a completely distributed manner. In two experiments we demonstrate the performance and capabilities of our implementation by simulating a large-scale worm outbreak and a one-to-many attack. Furthermore, we present two applications of our framework to show how collaboration of agents can be used to detect one-to-many attacks and how detection performance benefits from cooperation of agents.

Published in:

Soft Computing in Industrial Applications, 2008. SMCia '08. IEEE Conference on

Date of Conference:

25-27 June 2008