Due to the rapid growth of network technologies and substantial improvement in attack tools and techniques, a distributed Intrusion Detection System (dIDS) is required to allocate multiple IDSs across a network to monitor security events and to collect data. However, dIDS architectures suffer from many limitations, such as the lack of a central analyzer and a heavy network load. In this paper, we propose a new architecture for dIDS, called a Collaborative architecture for dIDS (C-dIDS), to overcome these limitations. The C-dIDS contains a one-level hierarchy dIDS with a non-central analyzer. To make the detection decision for a specific IDS module in the system, this IDS module needs to collaborate with the IDS in the lower level of the hierarchy. Cooperating with the lower-level IDS module improves the system accuracy with less network load (just one bit of information). Moreover, by using one hierarchy level, there is no central management and processing of data, so there is no chance for a single point of failure. We have examined the feasibility of our dIDS architecture by conducting several experiments using the DARPA dataset. The experimental results indicate that the proposed architecture can deliver satisfactory system performance with less network load.