Indra: A Peer-to-Peer Approach to Network Intrusion Detection and Prevention

Ramaprabhu Janakiraman, Marcel Waldvogel, Qi Zhang (2003): Indra: A Peer-to-Peer Approach to Network Intrusion Detection and Prevention. In: Proceedings of IEEE WETICE 2003, Linz, Austria, 2003.

Abstract

While the spread of the Internet has made the network ubiquitous, it has also rendered networked systems vulnerable to malicious attacks orchestrated from anywhere. These attacks or intrusions typically start with attackers infiltrating a network through a vulnerable host and then launching further attacks on the local network or Intranet. Attackers rely on increasingly sophisticated techniques like using distributed attack sources and obfuscating their network addresses. On the other hand, software that guards against them remains rooted in traditional centralized techniques, presenting an easily-targeted single point of failure. Scalable, distributed network intrusion prevention techniques are sorely needed. We propose Indra---a distributed scheme based on sharing information between trusted peers in a network to guard the network as a whole against intrusion attempts. We present initial ideas for running Indra over a peer-to-peer infrastructure to distribute up-to-date rumors, facts, and trust information in a scalable way.

BibTeX (Download)

@inproceedings{Janakiraman2003Indra,
title = {Indra: A Peer-to-Peer Approach to Network Intrusion Detection and Prevention},
author = {Ramaprabhu Janakiraman and Marcel Waldvogel and Qi Zhang},
url = {https://netfuture.ch/wp-content/uploads/2003/janakiraman03indra.pdf},
year  = {2003},
date = {2003-01-01},
booktitle = {Proceedings of IEEE WETICE 2003},
address = {Linz, Austria},
abstract = {While the spread of the Internet has made the network ubiquitous, it has also rendered networked systems vulnerable to malicious attacks orchestrated from anywhere. These attacks or intrusions typically start with attackers infiltrating a network through a vulnerable host and then launching further attacks on the local network or Intranet. Attackers rely on increasingly sophisticated techniques like using distributed attack sources and obfuscating their network addresses. On the other hand, software that guards against them remains rooted in traditional centralized techniques, presenting an easily-targeted single point of failure. Scalable, distributed network intrusion prevention techniques are sorely needed. We propose Indra---a distributed scheme based on sharing information between trusted peers in a network to guard the network as a whole against intrusion attempts. We present initial ideas for running Indra over a peer-to-peer infrastructure to distribute up-to-date rumors, facts, and trust information in a scalable way.},
keywords = {Denial of Service, Security, Trust},
pubstate = {published},
tppubtype = {inproceedings}
}

Schreibe einen Kommentar