Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IEEECIT
2010
IEEE
2010
IEEE
Selective and Early Threat Detection in Large Networked Systems
—The complexity of modern networked information systems, as well as all the defense-in-depth best practices, require distributed intrusion detection architectures relying on the cooperation of multiple components. Similar solutions cause a multiplication of alerts, thus increasing the time needed for alert management and hiding the few critical alerts as needles in a hay stack. We propose an innovative distributed architecture for intrusion detection that is able to provide system administrators with selective and early security warnings. This architecture is suitable to large networks composed by several departments because it leverages hierarchical and peer-to-peer cooperation schemes among distributed NIDSes. Moreover, it embeds a distributed alert ranking system that makes it possible to evaluate the real level of risk represented by a security alert generated by a NIDS, and it allows independent network departments to exchange early warnings about critical threats. Thanks to the...
Real-time TrafficRelated Content
| Added | 26 Jan 2011 |
| Updated | 26 Jan 2011 |
| Type | Journal |
| Year | 2010 |
| Where | IEEECIT |
| Authors | Michele Colajanni, Mirco Marchetti, Michele Messori |
Comments (0)
Researcher Info
|
