Title :
Cooperating security managers: a peer-based intrusion detection system
Author :
White, Maj Gregory B ; Fisch, Eric A. ; Pooch, Udo W.
Author_Institution :
Dept. of Comput. Sci., US Air Force Acad., Colorado Springs, CO, USA
Abstract :
The need for increased security measures in computer systems and networks is apparent through the frequent media accounts of computer system and network intrusions. One attempt at increasing security measures is in the area of intrusion detection packages. These packages use a variety of means to detect intrusive activities and have been applied to both individual computer systems and networks. Cooperating security managers (CSM) is one such package. Applied to a network, CSM is designed to perform intrusion detection and reporting functions in a distributed environment without requiring a designated central site or server to perform the analysis of network audit data. In addition, it is designed to handle intrusions as opposed to simply detecting and reporting on them, resulting in a comprehensive approach to individual system and network intrusions. Tests of the initial prototype have shown the cooperative methodology to perform favourably
Keywords :
computer network management; security of data; computer networks; computer systems; cooperating security managers; distributed environment; intrusion detection; intrusion detection packages; intrusion reporting functions; network audit data analysis; network intrusions; peer-based intrusion detection system; security measures; system intrusions; Area measurement; Computer networks; Computer security; Data security; Intrusion detection; Network servers; Packaging; Performance analysis; Prototypes; Testing;
Journal_Title :
Network, IEEE
