Indonesian Journal of Electrical Engineering and Computer Science
Vol 11, No 10: October 2013

A Distributed Network Intrusion Detection System with Active Surveillance Agent

Bin Zeng (Naval University of Engineering)
Lu Yao (Naval University of Engineering)
Rui Wang (Naval University of Engineering)



Article Info

Publish Date
01 Oct 2013

Abstract

A distributed network intrusion detection system (IDS) called SA-NIDS is proposed, based on the network-based intrusion detection architecture. It includes three basic components: the Local Intrusion Detection Monitor (LIDM), the Global Intrusion Detection Controller (GIDC), and the Surveillance Agent (SA). The LIDM performs packet capture, packet de-multiplexing, local intrusion detection, and intrusion inference. The GIDC is installed in the administration center to communicate with and manage the LIDMs; it can also perform intrusion detection and intrusion inference. The SA contains several optional functions for information gathering. After attack behavior is discovered, the SA may be used to launch several kinds of information gathering against the attacker, which gives the proposed SA-NIDS an active surveillance ability. For intrusion inference, SA-NIDS applies both pattern matching and a statistical approach. The experimental results show that the system can satisfy the needs of network information security.

DOI: http://dx.doi.org/10.11591/telkomnika.v11i10.3707

Copyrights © 2013