Title :
A Distributed Intrusion Detection System against flooding Denial of Services attacks
Author :
Chuiyi, Xie ; Yizhi, Zhang ; Yuan, Bai ; Shuoshan, Luo ; Qin, Xu
Author_Institution :
Sch. of Math. & Inf. Sci., ShaoGuan Univ., Shaoguan, China
Abstract :
A DIDS(Distributed Intrusion Detection System) named as F-DIDS is built to defend against flooding DoS(Denial of Services) attacks in the paper. F-DIDS is composed of F-IDSes which are settled in nodes who need to be protected. F-DIDS is a complete DIDS, in which each node with F-IDS can be the detection centre. Due to no central node, single failure can be avoided in F-DIDS. In F-DIDS, Traffic tables help to build up traffic matrixes. By analyzing traffic matrixes, flooding DoS attacks could be detected and three normal flooding DoS attacks are classified. Local and global communication methods are proposed to reduce the overhead brought from fully distributed architecture. The simulation results and performance analysis show that F-DIDS works effectively.
Keywords :
security of data; F-DIDS system; flooding DoS attack; flooding denial-of-service attack; flooding distributed intrusion detection system; Computer crime; Computer hacking; Distributed databases; Floods; Global communication; Intellectual property; Intrusion detection; Denial of Service; Distributed Intrusion Detection System; ICMP Flooding; SYN Flooding; UDP Flooding;
Conference_Titel :
Advanced Communication Technology (ICACT), 2011 13th International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-8830-8
