ACM Computing Surveys (CSUR)
The state of the art in locally distributed Web-server systems
ACM Computing Surveys (CSUR)
Stateful Intrusion Detection for High-Speed Networks
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Operational experiences with high-volume network intrusion detection
Proceedings of the 11th ACM conference on Computer and communications security
SPANIDS: a scalable network intrusion detection loadbalancer
Proceedings of the 2nd conference on Computing frontiers
Exploiting Independent State For Network Intrusion Detection
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
An Active Splitter Architecture for Intrusion Detection and Prevention
IEEE Transactions on Dependable and Secure Computing
Mobile software agents: an overview
IEEE Communications Magazine
Hi-index | 0.01 |
A traditional Network Intrusion Detection System (NIDS) is based on a centralized architecture that does not satisfy the needs of most modern network infrastructures characterized by high traffic volumes and complex topologies. The of decentralized NIDS based on multiple sensors is that each of them gets just a partial view of the network traffic and this prevents a stateful and fully reliable traffic analysis. We propose a novel cooperation mechanism that the previous issues through an innovative state management and state migration framework. It allows multiple decentralized sensors to share their internal state, thus accomplishing innovative and powerful traffic analysis. The advanced functionalities and performance of the proposed cooperative framework for network intrusion detection systems are demonstrated through a fully operative prototype.