• DocumentCode
    3062025
  • Title

    The Architecture of the Large-scale Distributed Intrusion Detection System

  • Author

    Chu, Yonggang ; Li, Jun ; Yang, Yixian

  • Author_Institution
    Lenovo Security Technologies, China
  • fYear
    2005
  • fDate
    05-08 Dec. 2005
  • Firstpage
    130
  • Lastpage
    133
  • Abstract
    High-speed, large-scale networks present new challenges to an intrusion detection system (IDS). These challenges include the volume of data that must be analyzed and the high-speed data stream that the IDS must deal with. To adapt to these new demands, this paper proposes a novel architecture for Large-scale Distributed Intrusion Detection Systems (LDIDS) that can be applied to large-scale networks. This architecture is based on a hierarchy, which consists of a root node, several branch nodes and leaf nodes. In this architecture, each node is an independent IDS, and all the IDSs together constitute the whole LDIDS. The main advantages of this architecture are scalability and collaboration. We describe the framework of the nodes in detail. We also present an implementation of LDIDS which is designed according to the architecture.
  • Keywords
    Collaboration; Communications technology; Computer architecture; Data analysis; Data security; Intrusion detection; Large-scale systems; Monitoring; Scalability; Watches;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Parallel and Distributed Computing, Applications and Technologies, 2005. PDCAT 2005. Sixth International Conference on
  • Print_ISBN
    0-7695-2405-2
  • Type

    conf

  • DOI
    10.1109/PDCAT.2005.233
  • Filename
    1578881