Efficient Distributed Signature Analysis

Abstract: Intrusion Detection Systems (IDS) have proven to be a valuable measure for coping reactively with attacks on the Internet. The growing complexity of IT systems, however, rapidly increases the volume of audit data and the size of the signature bases. This forces IDS to drop audit data in high-load situations, thus offering attackers chances to act undetected. To tackle this issue, we propose an efficient and adaptive analysis approach for multi-step signatures that is based on a dynamic distribution of analyses. We propose different optimization strategies for an efficient analysis distribution. The strengths and weaknesses of each strategy are evaluated based on a prototype implementation.
Document type:
Conference paper
Isabelle Chrisment; Alva Couch; Rémi Badonnel; Martin Waldburger. 5th Autonomous Infrastructure, Management and Security (AIMS), Jun 2011, Nancy, France. Springer, Lecture Notes in Computer Science, LNCS-6734, pp.13-25, 2011, Managing the Dynamics of Networks and Services. 〈10.1007/978-3-642-21484-4_2〉

Cited literature [9 references]

https://hal.inria.fr/hal-01585852
Contributor: Hal Ifip
Submitted on: Tuesday, 12 September 2017 - 10:19:17
Last modified on: Tuesday, 12 September 2017 - 10:22:14
Document(s) archived on: Wednesday, 13 December 2017 - 15:02:43

File

978-3-642-21484-4_2_Chapter.pd...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Michael Vogel, Sebastian Schmerl, Hartmut König. Efficient Distributed Signature Analysis. Isabelle Chrisment; Alva Couch; Rémi Badonnel; Martin Waldburger. 5th Autonomous Infrastructure, Management and Security (AIMS), Jun 2011, Nancy, France. Springer, Lecture Notes in Computer Science, LNCS-6734, pp.13-25, 2011, Managing the Dynamics of Networks and Services. 〈10.1007/978-3-642-21484-4_2〉. 〈hal-01585852〉

Metrics

Record views: 25

File downloads: 5