A Distributed Intrusion Detection System against flooding Denial of Services attacks


Bibliographic details
Main authors: Xie Chuiyi, Zhang Yizhi, Bai Yuan, Luo Shuoshan, Xu Qin
Format: Conference proceeding
Language: eng
Description
Summary: A DIDS (Distributed Intrusion Detection System) named F-DIDS is built to defend against flooding DoS (Denial of Service) attacks in the paper. F-DIDS is composed of F-IDSes which are placed in the nodes that need to be protected. F-DIDS is a complete DIDS, in which each node with an F-IDS can be the detection centre. Because there is no central node, a single point of failure can be avoided in F-DIDS. In F-DIDS, traffic tables help to build up traffic matrices. By analyzing traffic matrices, flooding DoS attacks can be detected, and three normal flooding DoS attacks are classified. Local and global communication methods are proposed to reduce the overhead brought by the fully distributed architecture. The simulation results and performance analysis show that F-DIDS works effectively.
ISSN:1738-9445