Indra: A peer-to-peer approach to network intrusion detection and prevention

Authors:
Ramaprabhu Janakiraman;Marcel Waldvogel;Qi Zhang
Affiliations:
-;-;-
Venue:
WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Year:
2003

Citing 15
Cited 28

NADIR: an automated system for detecting network intrusion and misuse

Computers and Security
Scalable reliable multicast using multiple multicast groups

SIGMETRICS '97 Proceedings of the 1997 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Computer immunology

Communications of the ACM
Path independence for authentication in large-scale systems

Proceedings of the 4th ACM conference on Computer and communications security
An analysis of security incidents on the Internet 1989-1995

An analysis of security incidents on the Internet 1989-1995
Implementing a distributed firewall

Proceedings of the 7th ACM conference on Computer and communications security
Scalable high-speed prefix matching

ACM Transactions on Computer Systems (TOCS)
Performance analysis of the CONFIDANT protocol

Proceedings of the 3rd ACM international symposium on Mobile ad hoc networking & computing
Autonomic Response to Distributed Denial of Service Attacks

RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems

Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
Modelling a Public-Key Infrastructure

ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
SCRIBE: The Design of a Large-Scale Event Notification Infrastructure

NGC '01 Proceedings of the Third International COST264 Workshop on Networked Group Communication
The power of epidemics: robust communication for large-scale distributed systems

ACM SIGCOMM Computer Communication Review
Randomized rumor spreading

FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
ALMI: an application level multicast infrastructure

USITS'01 Proceedings of the 3rd conference on USENIX Symposium on Internet Technologies and Systems - Volume 3

Survivable Monitoring in Dynamic Networks

IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Security applications of peer-to-peer networks

Computer Networks: The International Journal of Computer and Telecommunications Networking
A holistic approach to service survivability

Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
A survey of peer-to-peer content distribution technologies

ACM Computing Surveys (CSUR)
Description of bad-signatures for network intrusion detection

ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
Survivable Monitoring in Dynamic Networks

IEEE Transactions on Mobile Computing
Privacy-preserving payload-based correlation for accurate malicious traffic detection

Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Towards scalable and robust distributed intrusion alert fusion with good load balancing

Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Balancing intrusion detection resources in ubiquitous computing networks

Computer Communications
Agent Methods for Network Intrusion Detection and Response

HoloMAS '07 Proceedings of the 3rd international conference on Industrial Applications of Holonic and Multi-Agent Systems: Holonic and Multi-Agent Systems for Manufacturing
Trust Management for Host-Based Collaborative Intrusion Detection

DSOM '08 Proceedings of the 19th IFIP/IEEE international workshop on Distributed Systems: Operations and Management: Managing Large-Scale Service Deployment
Peer-to-Peer Architecture for Collaborative Intrusion and Malware Detection on a Large Scale

ISC '09 Proceedings of the 12th International Conference on Information Security
SAX: a privacy preserving general pupose methodapplied to detection of intrusions

Proceedings of the ACM first international workshop on Privacy and anonymity for very large databases
Robust and scalable trust management for collaborative intrusion detection

IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
P2P-AIS: a P2P artificial immune systems architecture for detecting DDoS flooding attacks

GIIS'09 Proceedings of the Second international conference on Global Information Infrastructure Symposium
Distributed instrusion prevention in active and extensible networks

IWAN'04 Proceedings of the 6th IFIP TC6 international working conference on Active networks
Collaborative intrusion detection framework: characteristics, adversarial opportunities and countermeasures

CollSec'10 Proceedings of the 2010 international conference on Collaborative methods for security and privacy
Homogeneity as an advantage: it takes a community to protect an application

CollSec'10 Proceedings of the 2010 international conference on Collaborative methods for security and privacy
Trust Management and Admission Control for Host-Based Collaborative Intrusion Detection

Journal of Network and Systems Management
Multi-agent Cooperative Cleaning of Expanding Domains

International Journal of Robotics Research
An intrusion detection technique based on continuous binary communication channels

International Journal of Security and Networks
A novel distributed intrusion detection architecture based on overlay multicasting

PDCAT'04 Proceedings of the 5th international conference on Parallel and Distributed Computing: applications and Technologies
D_DIPS: an intrusion prevention system for database security

ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Effective allied network security system based on designed scheme with conditional legitimate probability against distributed network attacks and intrusions

International Journal of Communication Systems
CAFS: a novel lightweight cache-based scheme for large-scale intrusion alert fusion

Concurrency and Computation: Practice & Experience
An orchestration approach for unwanted Internet traffic identification

Computer Networks: The International Journal of Computer and Telecommunications Networking
Collaborative anomaly-based attack detection

IWSOS'07 Proceedings of the Second international conference on Self-Organizing Systems
FireCol: a collaborative protection network for the detection of flooding DDoS attacks

IEEE/ACM Transactions on Networking (TON)

Quantified Score

Hi-index	0.00

Visualization

Abstract

While the spread of the Internet has made thenetwork ubiquitous, it has also rendered networked systemsvulnerable to malicious attacks orchestrated from anywhere.These attacks or intrusions typically start with attackersinfiltrating a network through a vulnerable host andthen launching further attacks on the local network or Intranet.Attackers rely on increasingly sophisticated techniqueslike using distributed attack sources and obfuscatingtheir network addresses. On the other hand, software thatguards against them remains rooted in traditional centralizedtechniques, presenting an easily-targeted single point offailure. Scalable, distributed network intrusion preventiontechniques are sorely needed.We propose Indra-a distributed scheme based on sharinginformation between trusted peers in a network to guardthe network as a whole against intrusion attempts. Wepresent initial ideas for running Indra over a peer-to-peer infrastructureto distribute up-to-date rumors, facts, and trustinformation in a scalable manner.