Cooperating security managers: a peer-based intrusion detection system

Author

White, Maj Gregory B ; Fisch, Eric A. ; Pooch, Udo W.

Author_Institution

Dept. of Comput. Sci., US Air Force Acad., Colorado Springs, CO, USA

Volume

10

Issue

1

fYear

1996

Firstpage

20

Lastpage

23

Abstract

The need for increased security measures in computer systems and networks is apparent through the frequent media accounts of computer system and network intrusions. One attempt at increasing security measures is in the area of intrusion detection packages. These packages use a variety of means to detect intrusive activities and have been applied to both individual computer systems and networks. Cooperating security managers (CSM) is one such package. Applied to a network, CSM is designed to perform intrusion detection and reporting functions in a distributed environment without requiring a designated central site or server to perform the analysis of network audit data. In addition, it is designed to handle intrusions as opposed to simply detecting and reporting on them, resulting in a comprehensive approach to individual system and network intrusions. Tests of the initial prototype have shown the cooperative methodology to perform favourably

Keywords

computer network management; security of data; computer networks; computer systems; cooperating security managers; distributed environment; intrusion detection; intrusion detection packages; intrusion reporting functions; network audit data analysis; network intrusions; peer-based intrusion detection system; security measures; system intrusions; Area measurement; Computer networks; Computer security; Data security; Intrusion detection; Network servers; Packaging; Performance analysis; Prototypes; Testing;

fLanguage

English

Journal_Title

Network, IEEE

Publisher

ieee

ISSN

0890-8044

Type

jour

DOI

10.1109/65.484228

Filename

484228