NIDH - Network Intrusion Detection Hierarchy: A model for gathering attack intelligence
暂无分享,去创建一个
Internet proxy systems such as Squid exchange intelligence relevant to their function as caching proxy servers via a distributed and trusted hierarchy of machines. The required intelligence is broadcast based along the network based upon established trust relationships throughout the connected network via specific port and protocols of exchange. An intrusion detection system that incorporates this functionality for gathering attack intelligence could be a formidable foe even for the wiliest attacker. This paper will outline a possible model for the deployment of a network/distributed network intrusion detection system utilising technologies and techniques already in existence to provide the supporting infrastructure.
[1] Eugene H. Spafford,et al. Intrusion detection using autonomous agents , 2000, Comput. Networks.
[2] Sven Dietrich,et al. Analyzing Distributed Denial of Service Tools: The Shaft Case , 2000, LISA.
[3] Donald E. Brown,et al. Interactive Analysis of Computer Crimes , 2000, Computer.
[4] Peter G. Neumann,et al. Risks of insiders , 1999 .
[5] S. Kent,et al. On the trail of intrusions into information systems , 2000 .