Enhancing collaborative intrusion detection methods using a Kademlia overlay network

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7479 LNCS, Issue , 2012, Pages 52-63

  Czirkos, Zoltán ^a   Hosszú, Gábor ^a  

^a BUDAPEST UNIVERSITY OF TECHNOLOGY AND ECONOMICS   (Hungary)

Author keywords

attack aggregation; attack correlation; collaborative intrusion detection; intrusion detection system; peer to peer

Indexed keywords

COMPUTATIONAL CAPACITY; COMPUTATIONAL LOADS; DATA STORAGE; DETECTION PROBES; DISTRIBUTED HASH TABLE; DYNAMIC PROPERTY; INTRUSION DETECTION METHOD; INTRUSION DETECTION SYSTEMS; INTRUSION EVENTS; KADEMLIA; OVERLAY NETWORK TOPOLOGY; PEER TO PEER;

ELECTRIC NETWORK TOPOLOGY; INFORMATION TECHNOLOGY; INTRUSION DETECTION; OVERLAY NETWORKS;

DISTRIBUTED COMPUTER SYSTEMS;

EID: 84865446336     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-32808-4_6     Document Type: Conference Paper

References (21)

1. Snort - open-source intrusion detection system, http://www.snort.org/
2. Androutsellis-Theotokis, S., Spinellis, D.: A survey of peer-to-peer content distribution technologies. ACM Computing Surveys (CSUR) 36(4), 335-371 (2004)
3. Cuppens, F., Ortalo, R.: LAMBDA: A Language to Model a Database for Detection of Attacks. In: Debar, H., Mé, L., Wu, S.F. (eds.) RAID 2000. LNCS, vol. 1907, pp. 197-216. Springer, Heidelberg (2000)
4. Czirkos, Z., Hosszú, G.: Peer-to-peer Based Intrusion Detection. Infocommunications Journal LXIV(I), 3-10 (2009)
5. Czirkos, Z., Tóth, L.L., Hosszú, G., Kovács, F.: Novel Applications of the Peer-to-Peer Communication Methodology. Journal on Information Technologies and Communications E-1(1(5)), 59-70 (2009)
6. Debar, H., Wespi, A.: Aggregation and Correlation of Intrusion-Detection Alerts. In: Lee, W., Mé, L., Wespi, A. (eds.) RAID 2001. LNCS, vol. 2212, pp. 85-103. Springer, Heidelberg (2001)
7. Duffield, N., Haffner, P., Krishnamurthy, B., Ringberg, H.: Rule-based anomaly detection on ip flows. In: IEEE INFOCOM 2009, pp. 424-432. IEEE (2009)
8. Janakiraman, R., Waldvogel, M., Zhang, Q.: Indra: A Peer-to-peer Approach to Network Intrusion Detection and Prevention. In: Proceedings of Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2003, pp. 226-231. IEEE (2003)
9. Karger, D., Lehman, E., Leighton, T., Panigrahy, R., Levine, M., Lewin, D.: Consistent hashing and random trees: distributed caching protocols for relieving hot spots on the world wide web. In: Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, STOC 1997, pp. 654-663. ACM, New York (1997)
10. Kemmerer, R.: Nstat: A model-based real-time network intrusion detection system. University of California-Santa Barbara Technical Report TRCS97 18 (1997)
11. Kemmerer, R., Vigna, G.: Intrusion detection: a brief history and overview. Computer 35(4), 27-30 (2002)
12. Krishnamurthy, S., El-Ansary, S., Aurell, E., Haridi, S.: A Statistical Theory of Chord Under Churn. In: van Renesse, R. (ed.) IPTPS 2005. LNCS, vol. 3640, pp. 93-103. Springer, Heidelberg (2005)
13. Maymounkov, P., Mazières, D.: Kademlia: A Peer-to-peer Information System Based on the XOR Metric (2002)
14. Moore, D., Paxson, V., Savage, S., Shannon, C., Staniford, S., Weaver, N.: Inside the slammer worm. IEEE Security & Privacy 1(4), 33-39 (2003)
15. Stoica, I., Morris, R., Karger, D., Kaashoek, M., Balakrishnan, H.: Chord: A scalable peer-to-peer lookup service for internet applications. ACM SIGCOMM Computer Communication Review 31(4), 149-160 (2001)
16. Templeton, S., Levitt, K.: A requires/provides model for computer attacks. In: Proceedings of the 2000 Workshop on New Security Paradigms, pp. 31-38. ACM (2001)
17. Valdes, A., Skinner, K.: Probabilistic Alert Correlation. In: Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection, pp. 54-68 (October 2001)
18. Vlachos, V., Spinellis, D.: A PRoactive Malware Identification System based on the Computer Hygiene Principles. Information Management and Computer Security 15(4), 295-312 (2007)
19. Yegneswaran, V., Barford, P., Jha, S.: Global intrusion detection in the domino overlay system. In: Proceedings of NDSS (2004)
20. Zhou, C.V., Karunasekera, S., Leckie, C.: A Peer-to-Peer Collaborative Intrusion Detection System. In: 13th IEEE International Conference on Networks, vol. 1, p. 6. IEEE (2006)
21. Zhou, C., Leckie, C., Karunasekera, S.: A survey of coordinated attacks and collaborative intrusion detection. Computers & Security 29(1), 124-140 (2010)