Title :
Indra: a peer-to-peer approach to network intrusion detection and prevention
Author :
Janakiraman, Ramaprabhu ; Waldvogel, Marcel ; Zhang, Qi
Author_Institution :
Dept. of Comput. Sci. & Eng., Washington Univ., St. Louis, WA, USA
Abstract :
While the spread of the Internet has made the network ubiquitous, it has also rendered networked systems vulnerable to malicious attacks orchestrated from anywhere. These attacks or intrusions typically start with attackers infiltrating a network through a vulnerable host and then launching further attacks on the local network or Intranet. Attackers rely on increasingly sophisticated techniques like using distributed attack sources and obfuscating their network addresses. On the other hand, software that guards against them remains rooted in traditional centralized techniques, presenting an easily-targeted single point of failure. Scalable, distributed network intrusion prevention techniques are sorely needed. We propose Indra - a distributed scheme based on sharing information between trusted peers in a network to guard the network as a whole against intrusion attempts. We present initial ideas for running Indra over a peer-to-peer infrastructure to distribute up-to-date rumors, facts, and trust information in a scalable manner.
Keywords :
Internet; client-server systems; intranets; safety systems; security of data; information sharing; intranet; intrusion detection and rapid action; local network; network intrusion detection; network prevention; peer-to-peer infrastructure; Centralized control; Computer crime; Computer science; Control systems; Humans; IP networks; Intrusion detection; Laboratories; Peer to peer computing; Real time systems;
Conference_Titel :
Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003. WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on
Print_ISBN :
0-7695-1963-6
DOI :
10.1109/ENABL.2003.1231412
