An Enhanced Infrastructure for Peer-to-Peer Intrusion Detection Systems

Peer-to-peer (P2P) overlays are employed as the underlying infrastructure of P2P Intrusion Detection Systems (IDSs). However, the improper topology of this type of infrastructure prevents efficient propagation of alerts among IDS peers and hence quick detection. We propose an enhanced logical topology as the infrastructure of P2P IDSs. We demonstrate that using this method significantly reduces the communication latency of P2P IDSs. The enhanced infrastructure can therefore be integrated with existing peer-to-peer IDS architectures to further improve their performance. Our evaluation results show that the performance of existing P2P IDSs can be improved by around 70% in large-scale environments.
