Design and implementation of distributed intrusion detection system based on honeypot

Author

Yang, Yun ; Mi, Jia

Author_Institution

Sch. of Electr. & Inf. Eng., Shaanxi Univ. of Sci. & Technol., Xi´´an, China

Volume

6

fYear

2010

fDate

16-18 April 2010

Abstract

For the shortcoming of traditional intrusion detection system (IDS) in complex and unknown attack detection. A distributed intrusion detection system based on honeypot was proposed. We make use of honeypot to collect the invasion characteristics on the network, and use the method of unsupervised clustering (UC) and genetic clustering to extract the data for analysis. In addition, in order to improve the detection performance of the IDS, it combined protocol analysis with signature detection modules. Experiments result show that this system can better detect intrusion and improve the overall safety performance of large-scale networks.

Keywords

computer network security; data analysis; feature extraction; genetic algorithms; pattern clustering; attack detection; data analysis; data extraction; distributed intrusion detection system; genetic clustering; honeypot; protocol analysis; signature detection module; unsupervised clustering; Business; Data analysis; Design engineering; Genetics; Information technology; Intrusion detection; Large-scale systems; Protocols; Sensor systems; Statistical distributions; UC; genetic algorithms; honeypot; intrusion detectoin;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Engineering and Technology (ICCET), 2010 2nd International Conference on

Conference_Location

Chengdu

Print_ISBN

978-1-4244-6347-3

Type

conf

DOI

10.1109/ICCET.2010.5486267

Filename

5486267