A traditional Network Intrusion Detection System (NIDS) isbased on a centralized architecture that does not satisfy theneeds of most modern network infrastructures characterizedby high traffic volumes and complex topologies. The problemof decentralized NIDS based on multiple sensors is thateach of them gets just a partial view of the network trafficand this prevents a stateful and fully reliable traffic analysis.We propose a novel cooperation mechanism that addressesthe previous issues through an innovative state managementand state migration framework. It allows multipledecentralized sensors to share their internal state, thus accomplishing innovative and powerful traffic analysis. Theadvanced functionalities and performance of the proposedcooperative framework for network intrusion detection systemsare demonstrated through a fully operative prototype.

Enhancing interoperability and stateful analysis of cooperative network intrusion detection systems / Colajanni, Michele; D., Gozzi; Marchetti, Mirco. - STAMPA. - (2007), pp. N/A-N/A. ((Intervento presentato al convegno ACM/IEEE ANCS 2007 tenutosi a Orlando, FL nel Dec. 2007.

I documenti presenti in Iris Unimore sono rilasciati con licenza Creative Commons Attribuzione - Non commerciale - Non opere derivate 3.0 Italia, salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris

Powered by IRIS-about IRIS-Utilizzo dei cookie

 Copyright © 2021