A global security architecture for intrusion detection on computer networks

Cited by: 27
Authors
Ganame, Abdoul Karim [1]
Bourgeois, Julien [1]
Bidou, Renaud [1]
Spies, Francois [1]
Affiliations
[1] Univ Franche Comte, LIFC, F-25200 Montbeliard, France
Keywords
IDS; distributed intrusion detection; SOC; network security; global view
DOI
10.1016/j.cose.2008.03.004
Chinese Library Classification number
TP [Automation technology, computer technology]
Subject classification code
0812
Abstract
Detecting all kinds of intrusions efficiently requires a global view of the monitored network. Built to increase the security of computer networks, traditional IDSs are unfortunately unable to give a global view of the security of a network. To overcome this situation, we are developing a distributed SOC (Security Operation Center) which is able to detect attacks occurring simultaneously on several sites in a network and to give a global view of the security of that network. In this article, we present the global architecture of our system, called DSOC, as well as several methods used to test its accuracy and performance. © 2008 Elsevier Ltd. All rights reserved.
Pages: 30 / 47
Number of pages: 18