A current trend in computer network intrusion detection is to deploy a network of traffic sensors, or agents, throughout the network and forward sensed information back to a central processor. As these systems start to incorporate hundreds, even thousands, of sensors, managing and presenting the information from these sensors is becoming an increasingly difficult task. This paper explores the use of conversation exchange dynamics (CED) to integrate and display sensor information from multiple nodes. We present an experimental setup consisting of multiple sensors reporting individual findings to a central server for aggregated analysis. Different scenarios of network attacks and intrusions were planned to investigate the effectiveness of the distributed system. The network attacks were taken from the M.I.T. Lincoln Lab 1999 Data Sets. The distributed system was subjected to different combinations of network attacks in various parts of the network. The results were then analyzed to understand the behavior of the distributed system in response to the different attacks. In general, the distributed system detected all attacks under each scenario. Some surprising observations also indicated attack responses occurring in unanticipated scenarios.