Comunicação segura na composição de IDSs e seus custos

The intrusion detection systems are usually designed to work in local area networks. These systems do not foresee the integration with other intrusion detection tools, reducing the scope of the analysis. This paper presents a model for secure communication between components of intrusion detection systems in large-scale environments. The introduced model supports the end-to-end secu- rity by using standards and the Web Services technology. A comparison between the involved communication technologies is also presented.

[1]  T. Bass,et al.  Service-oriented horizontal fusion in distributed coordination-based systems , 2004, IEEE MILCOM 2004. Military Communications Conference, 2004..

[2]  C. M. Sperberg-McQueen,et al.  Extensible markup language , 1997 .

[3]  Giovanni Vigna,et al.  The STAT tool suite , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[4]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[5]  Bong-Nam Noh,et al.  Supporting interoperability to heterogeneous IDS in secure networking framework , 2003, 9th Asia-Pacific Conference on Communications (IEEE Cat. No.03EX732).

[6]  Mike Erlinger,et al.  Intrusion Detection Message Exchange Requirements , 2007, RFC.

[7]  Joni da Silva Fraga,et al.  A New Approach for IDS Composition , 2006, 2006 IEEE International Conference on Communications.

[8]  Evangelos P. Markatos,et al.  Performance analysis of content matching intrusion detection systems , 2004, 2004 International Symposium on Applications and the Internet. Proceedings..

[9]  D. Eastlake,et al.  XML Encryption Syntax and Processing , 2003 .

[10]  Chao-Tung Yang,et al.  Integrating grid with intrusion detection , 2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers).

[11]  Giovanni Vigna,et al.  An experience developing an IDS stimulator for the black-box testing of network intrusion detection systems , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[12]  Somesh Jha,et al.  Global Intrusion Detection in the DOMINO Overlay System , 2004, NDSS.

[13]  C. M. Sperberg-McQueen,et al.  Extensible Markup Language (XML) , 1997, World Wide Web J..

[14]  Gail-Joon Ahn,et al.  Intrusion Detection Force: an infrastructure for Internet-scale intrusion detection , 2003, First IEEE International Workshop on Information Assurance, 2003. IWIAS 2003. Proceedings..

[15]  Roberto Chinnici,et al.  Web Services Description Language (WSDL) Version 2.0 Part 1: Core Language , 2007 .