Institutional-Repository, University of Moratuwa.  

DIDS (Distributed Intrusion Detection System) - Motivation, Architecture, and An Early Prototype

dc.contributor.author Snapp, SR
dc.contributor.author Brentano, J
dc.contributor.author Dias, G
dc.contributor.author Goan, TL
dc.contributor.author Heberlein, LT
dc.contributor.author Ho, CL
dc.contributor.author Levitt, KN
dc.date.accessioned 1991T04:02:25Z
dc.date.available 1991T04:02:25Z
dc.identifier.uri http://dl.lib.mrt.ac.lk/handle/123/12232
dc.description.abstract Intrusion detection is the problem of identifying unauthorized use, misuse, and abuse of computer systems by both system insiders and external penetrators. The proliferation of heterogeneous computer networks provides additional implications for the intrusion detection problem. Namely, the increased connectivity of computer systems gives greater access to outsiders, and makes it easier for intruders to avoid detection. IDS’s are based on the belief that an intruder’s behavior will be noticeably different from that of a legitimate user. We are designing and implementing a prototype Distributed Intrusion Detection System (DIDS) that combines distributed monitoring and data reduction (through individual host and LAN monitors) with centralized data analysis (through the DIDS director) to monitor a heterogeneous network of computers. This approach is unique among current IDS’s. A main problem considered in this paper is the Network-user Identification problem, which is concerned with tracking a user moving across the network, possibly with a new user-id on each computer. Initial system prototypes have provided quite favorable results on this problem and the detection of attacks on a network. This paper provides an overview of the motivation behind DIDS, the system architecture and capabilities, and a discussion of the early prototype. en_US
dc.relation.uri http://www.academia.edu/download/4378230/10.1.1.46.4991.pdf en_US
dc.source.uri http://www.academia.edu/download/4378230/10.1.1.46.4991.pdf en_US
dc.title DIDS (Distributed Intrusion Detection System) - Motivation, Architecture, and An Early Prototype en_US
dc.identifier.year 1991 en_US
dc.identifier.journal Proceedings of the 14th national computer security conference en_US
dc.identifier.volume 1 en_US
dc.identifier.pgnos 167-176 en_US
dc.identifier.email gihan@uom.lk en_US
