Call for Paper - March 2023 Edition
IJCA solicits original research papers for the March 2023 Edition. Last date of manuscript submission is February 20, 2023. Read More

An Approach for Collaborative Decision in Distributed Intrusion Detection System

Print
PDF
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Year of Publication: 2016
Authors:
Deepak Kumar Sharma, Nikhil Kumar Singh
10.5120/ijca2016908026

Deepak Kumar Sharma and Nikhil Kumar Singh. Article: An Approach for Collaborative Decision in Distributed Intrusion Detection System. International Journal of Computer Applications 133(13):8-14, January 2016. Published by Foundation of Computer Science (FCS), NY, USA. BibTeX

@article{key:article,
	author = {Deepak Kumar Sharma and Nikhil Kumar Singh},
	title = {Article: An Approach for Collaborative Decision in Distributed Intrusion Detection System},
	journal = {International Journal of Computer Applications},
	year = {2016},
	volume = {133},
	number = {13},
	pages = {8-14},
	month = {January},
	note = {Published by Foundation of Computer Science (FCS), NY, USA}
}

Abstract

Computers have virtually changed every aspect of our life. The rapid growth in the development of computers was focused on making the computer easy to use for all. The rapid growth did not give as much importance on the security of the computer system thereby leaving system as vulnerable to attacks. As internet and its applications are increasing, complex and hybrid networks are being used for communication. So many loopholes are being explored to intrude into other systems. There are many tools and techniques available for securing networks like Firewalls, IDS etc. and until now they are used very frequently by nearly all the organizations to safeguard information and other critical data but these are not sufficient for implementing complete security because the intruders have become smarter.

Higher security being the priority of many organizations has led to the importance and promoting active research on efficient Intrusion Detection Systems. To deal with various types of attacks we need to have information of attacks from other sources as well. This can be done by sharing intrusion information with all. As hackers are becoming more intelligent we need to have collaborative decision making system where intrusion activity is decided by knowing other’s opinion as well. We have proposed an approach to enhance the collaborative decision making by conducting polls between registered intrusion detection systems in the network. Intrusion activity for new packets and false positives is decided based on all opinions gathered from registered intrusion detection systems.

References

  1. R. Heady, G. Luger, A. Maccabe, and M. Servilla, “The architecture of a network level intrusion detection system”, Technical Report CS90-20, Department of Computer Science, University of New Mexico, August 1990.
  2. L. Silva, A. Santos, J. Silva, and A. Montes, “A Neural Network Application for Attack Detection in Computer Networks”, In the proceedings of the IEEE International Joint Conference on Neural Network, Vol. 2, pp. 1569 – 1574, July 2004.
  3. C. Zhang, J. Jiang, and M. Kamel, “Intrusion Detection using Hierarchical Neural Networks”, Pattern Recognition Letters, Vol. 26, No. 1, pp. 779–791, 16 February 2004.
  4. A. Sung and Srinivas Mukkamala, “Identifying Important Features for Intrusion Detection Using Support Vector Machines and Neural Networks”, Symposium on Application and Internet (SAINT’03), pp: 209- 216, 27-31 January. 2003.
  5. S. Snapp, J. Brentano, G. Dias, T. Goan, T. Grance, L. Heberlein, C. Ho, K. Levitt, B. Mukherjee, D. Mansur, K. Pon, and S. Smaha, “A System for Distributed Intrusion Detection [C]”, Proceedings of the 14th Conference on National Computer Security Conference, Vol.9, pp. 170-176, March 1991.
  6. M. A. Aydin, A. H Zaim, and K. G. Ceylan, Feb. 2009, “A hybrid intrusion detection system design for computer network security,” In the journal of Computers and Electrical Engineering, Vol. 35 , No. 3, pp. 517-526, 2009.
  7. S. Snapp, J. Brentano, and G. Dias, “DIDS (Distributed Intrusion Detection System) – motivation, architecture, and an early prototype”, In the proceedings of the 14th National Computer Security Conference, October 1991.
  8. E. Spafford and D. Zamboni, “Intrusion Detection using Autonomous Agents”, In the International Journal of Computer and Telecommunications Networking, pp. 547-570, 2000.
  9. D. Ye, W. Hui-Qiang, and P. Yong-Gang, “Design of A Distributed Intrusion Detection System Based on Independent Agents”, In the proceedings of International Conference on Intelligent Sensing and Information Processing, pp. 254 – 257, 2004.
  10. Th. Verwoerd and R. Hunt, “Intrusion Detection Techniques and Approaches”, Journal in Computer Communications, pp. 1356-1365. 2002.
  11. B. Mukherjee, L.T. Heberlein, and K.N. Levitt, “Network Intrusion Detection” IEEE Network, pp. 26-41, Vo1.8, No.3, May-June 1994.
  12. P. Lichodzijewski and A. Zincir, “Host-Based Detection Using Self-Organizing Maps”, In the Proceedings of International Joint Conference on Neural Networks, Vol. 2, pp. 1714-1719, 2002.
  13. M. Yasin and A. Awan, “A Study of Host-Based IDS using System Calls”, In the proceedings of the International Conference on Networking and Communication 2004, pp. 36- 41, June 2004.
  14. J. Hochberg, K. Jackson, C. Stallings, J. McClary, D. DuBois, and J. Ford, “NADIR: An Automated System for Detecting Network Intrusion and Misuse”, In the proceedings of the Conference on Computers and Security, pp. 235–248, May 1993.
  15. M. Treaster, “A Survey of Distributed Intrusion Detection Approaches”, ArXiv Computer Science e-prints: cs/0501001. December 2005, Available at: http://arxiv.org/abs/cs/0501001 (March 2009)
  16. R. Robbins, “Distributed Intrusion Detection Systems: An Introduction and Review”, GSEC Practical Assignment, version 1.4b, Option 1, January 2, 2002.
  17. C. V. Zhou, C. Leckie, and S. Karunasekera, Feb. 2009, “Decentralized multidimensional alert correlation for collaborative intrusion detection,” Published by Elsevier Ltd. Journal of Network and Computer Applications 32 (2009), pp. 1106-1123.
  18. C. V. Zhou, C. Leckie, and S. Karunasekera, June, “A survey of coordinated attacks and collaborative intrusion detection ,” Jonoural of Computer Security, Vol. 29, No. 1, pp. 124–140, 2010
  19. H. Debar, “An Introduction to Intrusion-Detection Systems”, In the proceedings of Connect, May, 2000.
  20. G. White, E. Fisch, and U. Pooch, “Cooperating Security Managers: A Peer-Based Intrusion Detection System”, IEEE Network, Vol. 10, No. 1, pp. 20–23, January/February 1996.
  21. P. Porras and P. Neumann, “EMERALD: Event monitoring enabling responses to anomalous live disturbances”, In the proceedings of the 20th National Information Systems Security Conference, 1997.
  22. S. Staniford-Chen, S. Tung, D. Schnackenberg, “The Common Intrusion Detection Framework (CIDF)”, In the proceedings of the information survivability workshop, October 1998.
  23. Y. Wu, B. Foo, Y. Mei, and S. Bagchi. “Collaborative Intrusion Detection System (CIDS): A Framework for Accurate and Efficient IDS”, In the proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 03), pp. 234 – 244, December 2003.
  24. Chao Shen, Shengjun Xue,2010, “Design and Implementation of Distributed Collaborative Intrusion Detection System Model”, In the proceeding of Fuzzy systems and Knowledge Discovery, pp. 1224-1228.

Keywords

Distributed IDS, Anomaly detection