DocumentCode
2559452
Title
Towards survivable intrusion detection system
Author
Yu, Dong ; Frincke, Deborah
Author_Institution
Center for Secure & Dependable Software, Idaho Univ., USA
fYear
2004
fDate
5-8 Jan. 2004
Abstract
Intrusion detection systems (IDS) are increasingly a key part of system defense, often operating under a high level of privilege to achieve their purposes. Therefore, the ability of an IDS to withstand attack is important in a production system. In this paper, we address the issue of survivable IDS. We begin by categorizing potential vulnerabilities in a generic IDS and classifying methods used to enhance IDS survivability. We then propose an efficient fault tolerance based Survivable IDS (SIDS) along with a systematic way to transform an original IDS architecture into this survivable architecture. Key components of SIDS include: a dual-functionality forward-ahead (DFFA) structure, backup communication paths, component recycling, system reconfiguration, and an anomaly detector. Use of the SIDS transformation should result in an improvement in IDS survivability at low cost.
Keywords
security of data; IDS architecture; anomaly detector; backup communication paths; component recycling; dual-functionality forward-ahead; fault tolerance-based survivable IDS; intrusion detection system; key components; survivable architecture; system defense; system reconfiguration; Costs; Data analysis; Detectors; Fault tolerant systems; Independent component analysis; Intrusion detection; Performance analysis; Production systems; Recycling; Security;
fLanguage
English
Publisher
ieee
Conference_Titel
System Sciences, 2004. Proceedings of the 37th Annual Hawaii International Conference on
Print_ISBN
0-7695-2056-1
Type
conf
DOI
10.1109/HICSS.2004.1265702
Filename
1265702