
EC2ND 2005 pp 197–206

Data Authentication and Trust Within Distributed Intrusion Detection System Inter-Component Communications

  • Conference paper

Abstract

Networks are a fundamental technology for users and businesses alike. To achieve security in increasingly distributed environments, recent advances in intrusion detection have led to the development of distributed intrusion detection systems (DIDS). A key concern in these systems is that inter-component communication of data regarding potential network intrusions must be authenticated. Authentication maintains a level of trust within the distributed system that data has not been altered by a malicious intruder. This paper presents a novel scheme that provides security in the transmission of data between DIDS components. A key consideration in providing this security is the computational and network overhead that the data transfer incurs. Therefore, this paper presents a scheme that ensures the high level of trust required within DIDS and, as demonstrated by a case study, does so with minimal computational or network impact.




Copyright information

© 2006 Springer-Verlag London Limited

About this paper

Cite this paper

Haggerty, J., Shi, Q., Fergus, P., Merabti, M. (2006). Data Authentication and Trust Within Distributed Intrusion Detection System Inter-Component Communications. In: Blyth, A. (eds) EC2ND 2005. Springer, London. https://doi.org/10.1007/1-84628-352-3_20


  • DOI: https://doi.org/10.1007/1-84628-352-3_20

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-84628-311-6

  • Online ISBN: 978-1-84628-352-9

  • eBook Packages: Computer Science, Computer Science (R0)
