Title :
Cost-based intelligent intrusion detection and response: design and implement
Author :
Shijie, Zhou ; Zhiguang, Qin ; Xucheng, Luo ; Xianfeng, Zhang ; Feng, Zhang ; Jinde, Liu
Author_Institution :
Coll. of Comput. Sci. & Eng., Univ. of Electron. Sci. & Technol. of China, China
Abstract :
A flexible intrusion detection and response (ID&R) system needs to maximize security while minimizing cost and responding automatically. CI2D&R, a cost-based intelligent intrusion detection and response system, is proposed; it was originally developed as a facility to deal with network-based attacks and to respond to them effectively, automatically and intelligently. The networking environment in which CI2D&R is deployed consists of two major parts: the guard, which runs on a specific guarded host (GH), and the spy, which runs in the guarded network (GN). The components of CI2D&R are introduced: intrusion detection, attack classification, damage analysis, attack path rebuilding, automatic resource safeguarding, calamity recovery, and security officer. The several kinds of data flow in CI2D&R are also discussed. Although CI2D&R is only a prototype, some experimental results are presented.
Keywords :
computer networks; security of data; telecommunication security; Guard; IP traceback; Spy; attack classification; attack path rebuilding; calamity recovery; cost based intrusion detection and response system; damage analysis; distributed denial of service attacks; guarded host; guarded network; network-based attacks; security; Computer crime; Computer science; Computer security; Costs; Data security; Educational institutions; Information security; Intelligent networks; Intrusion detection; Prototypes;
Conference_Title :
Parallel and Distributed Computing, Applications and Technologies, 2003. PDCAT'2003. Proceedings of the Fourth International Conference on
Print_ISBN :
0-7803-7840-7
DOI :
10.1109/PDCAT.2003.1236280