Title :
A peer-to-peer collaborative intrusion detection system
Author :
Zhou, Chenfeng Vincent ; Karunasekera, Shanika ; Leckie, Christopher
Author_Institution :
Dept. of Comput. Sci. & Software Eng., Melbourne Univ., Carlton, Vic., Australia
Abstract :
Many types of network intrusions occur in multiple networks simultaneously, for example, scanning, worms, and denial-of-service attacks. Most of the current intrusion detection systems work in isolation to detect these attacks. Past research has shown that collaboration between these networks to share suspicious information is an effective way to detect intrusion. However, there are some challenges associated with the idea of collaborative detection, such as scalability and avoidance of a central point of failure. We propose a peer-to-peer approach for collaborative intrusion detection to address these challenges. Our solution proposes secure data sharing between participants from different organizations using a content-based peer-to-peer publish/subscribe mechanism. The proposed scheme improves scalability, while avoiding a central point of failure. Our experimental results show improved detection latency and effective load balancing compared to a centralized architecture.
Keywords :
peer-to-peer computing; resource allocation; security of data; collaborative intrusion detection system; data sharing; load balancing; peer-to-peer system; scalability improvement; Collaboration; Collaborative work; Computer architecture; Computer crime; Computer science; Computer worms; Intrusion detection; Peer to peer computing; Scalability; Software engineering;
Conference_Title :
2005 13th IEEE International Conference on Networks, jointly held with the 2005 IEEE 7th Malaysia International Conference on Communication
Print_ISBN :
1-4244-0000-7
DOI :
10.1109/ICON.2005.1635451