• DocumentCode
    2559452
  • Title
    Towards survivable intrusion detection system
  • Author
    Yu, Dong ; Frincke, Deborah
  • Author_Institution
    Center for Secure & Dependable Software, Idaho Univ., USA
  • fYear
    2004
  • fDate
    5-8 Jan. 2004
  • Abstract
    Intrusion detection systems (IDS) are increasingly a key part of system defense, often operating under a high level of privilege to achieve their purposes. Therefore, the ability of an IDS to withstand attack is important in a production system. In this paper, we address the issue of survivable IDS. We begin by categorizing potential vulnerabilities in a generic IDS and classifying methods used to enhance IDS survivability. We then propose an efficient fault-tolerance-based Survivable IDS (SIDS) along with a systematic way to transform an original IDS architecture into this survivable architecture. Key components of SIDS include: a dual-functionality forward-ahead (DFFA) structure, backup communication paths, component recycling, system reconfiguration, and an anomaly detector. Use of the SIDS transformation should result in an improvement in IDS survivability at low cost.
  • Keywords
    security of data; IDS architecture; anomaly detector; backup communication paths; component recycling; dual-functionality forward-ahead; fault tolerance-based survivable IDS; intrusion detection system; key components; survivable architecture; system defense; system reconfiguration; Costs; Data analysis; Detectors; Fault tolerant systems; Independent component analysis; Intrusion detection; Performance analysis; Production systems; Recycling; Security;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    System Sciences, 2004. Proceedings of the 37th Annual Hawaii International Conference on
  • Print_ISBN
    0-7695-2056-1
  • Type
    conf
  • DOI
    10.1109/HICSS.2004.1265702
  • Filename
    1265702