A traditional Network Intrusion Detection System (NIDS) isbased on a centralized architecture that does not satisfy theneeds of most modern network infrastructures characterizedby high traffic volumes and complex topologies. The problemof decentralized NIDS based on multiple sensors is thateach of them gets just a partial view of the network trafficand this prevents a stateful and fully reliable traffic analysis.We propose a novel cooperation mechanism that addressesthe previous issues through an innovative state managementand state migration framework. It allows multipledecentralized sensors to share their internal state, thus accomplishing innovative and powerful traffic analysis. Theadvanced functionalities and performance of the proposedcooperative framework for network intrusion detection systemsare demonstrated through a fully operative prototype.

Enhancing interoperability and stateful analysis of cooperative network intrusion detection systems / Colajanni, Michele; D., Gozzi; Marchetti, Mirco. - STAMPA. - (2007), pp. 165-174. ((Intervento presentato al convegno 3rd ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS 2007 tenutosi a Orlando, FL, usa nel Dec. 2007 [10.1145/1323548.1323576].

I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris

Powered by IRIS-about IRIS-Utilizzo dei cookie

 Copyright © 2021