
Article Information

  • Title: Distributed Intrusion Alert Aggregation with Data Stream Modeling
  • Authors: Rupali Ramdas Shevale; Yogadhar Pandey; Maheshkumar A. Sali
  • Journal: International Journal of Electronics, Communication and Soft Computing Science and Engineering
  • Print ISSN: 2277-9477
  • Publication year: 2012
  • Volume: 2
  • Issue: Special
  • Publisher: IJECSCSE
  • Abstract: Intrusion Detection System (IDS) technology is an important component in designing a secure environment. Alert aggregation is an important subtask of intrusion detection. The goal is to identify and to cluster different alerts produced by low-level intrusion detection systems, firewalls, etc. belonging to a specific attack instance which has been initiated by an attacker at a certain point in time. Thus, meta-alerts can be generated for the clusters that contain all the relevant information whereas the amount of data (i.e., alerts) can be reduced substantially. Distributed IDS systems are the next logical level for IDS systems to move to. A distributed IDS (dIDS) consists of multiple Intrusion Detection Systems (IDS) over a large network, all of which communicate with each other, or with a central server that facilitates advanced network monitoring, incident analysis, and instant attack data. A dIDS also allows to identify threats to the network across multiple network segments. In Network monitoring client will receive data & filter the data contents as per queue signature or algorithm & it will generate alerts & it will transmit alerts to server end
  • Keywords: Distributed Intrusion detection; Attack alert aggregation; data stream; data set; Monitoring; Data transmission; Alert UI