• DocumentCode
    1955568
  • Title

    Cooperating systems for Global Intrusion Detection and Tolerance

  • Author

    Meddeb-Makhlouf, Amel ; Djemaiel, Yacine ; Boudriga, Noureddine

  • Author_Institution
    Univ. of Carthage, Carthage
  • fYear
    2007
  • fDate
    8-11 Oct. 2007
  • Firstpage
    235
  • Lastpage
    242
  • Abstract
    In this paper, we propose to cooperate multi-level IDSs through the use of an architecture called global intrusion detection and tolerance architecture (GIDTA). GIDTA allows the detection of distributed attacks at their early stages using the collection, correlation, and exchange of data provided by different network components and the structures available at the operating system level and the disk management level. In addition, major detection and tolerance capabilities are protected against intruders' attempts since they are performed by compromise-independent components. The GIDTA components implement different functions based on global and hierarchical models allowing fine-grained distributed analysis, and including intelligent capabilities that are able to impose a dynamic behavior taking into consideration the security state of the cooperating entities. A protocol called a neighbor identification protocol is designed to enhance detection and tolerance capabilities. Finally, GIDTA is validated based on the actions it performs in an environment that integrates an airport distributed application, including a flight management system.
  • Keywords
    protocols; security of data; telecommunication security; cooperating system; global intrusion detection; global intrusion tolerance; neighbor identification protocol; Airports; Communication networks; Environmental management; Independent component analysis; Information security; Intrusion detection; Management information systems; Operating systems; Protection; Protocols; IDS cooperation; Intrusion detection; Tolerance; correlation; storage-based intrusion detection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security Technology, 2007 41st Annual IEEE International Carnahan Conference on
  • Conference_Location
    Ottawa, Ont.
  • Print_ISBN
    978-1-4244-1129-0
  • Type

    conf

  • DOI
    10.1109/CCST.2007.4373495
  • Filename
    4373495