A Snort-based Mobile Agent for a Distributed Intrusion Detection System - LIRMM - Laboratoire d’Informatique, de Robotique et de Microélectronique de Montpellier
Conference Papers Year : 2011

A Snort-based Mobile Agent for a Distributed Intrusion Detection System

Abstract

Due to the rapid growth of the network application, new kinds of network attacks are endlessly emerging. Thus, it is of paramount importance to protect the networks from attackers. Consequently, the Intrusion Detec- tion Systems (IDS) are quickly becoming a popular requirement in building a network security infrastructure. Most existing and commercial IDS are generally centralized and suffer from a number of drawbacks, e.g., high rates of false positives, low efficiency, etc, especially when they face distributed attacks. In this paper, we introduce a novel mobile agent-based intrusion detection system focusing on the misuse detection approach, called DIDMAS (Distributed Intrusion Detection using Mobile Agents and Snort). DIDMAS takes advan- tages of the mobile agent paradigm to implement an efficient distributed system, as well as the integration of existing techniques, i.e., the well-known IDS SNORT. Carried out experiments showed that our proposed system presents better performance as well as a good scalability compared to the pioneer known centralized IDS SNORT system over real traffic and a set of simulated attacks.
Fichier principal
Vignette du fichier
SECRYPT2011.pdf (247.72 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

lirmm-00798311 , version 1 (22-03-2019)

Identifiers

  • HAL Id : lirmm-00798311 , version 1

Cite

Imen Brahmi, Sadok Ben Yahia, Pascal Poncelet. A Snort-based Mobile Agent for a Distributed Intrusion Detection System. SECRYPT: Security and Cryptography, Jul 2011, Seville, Spain. pp.198-207. ⟨lirmm-00798311⟩
157 View
187 Download

Share

More