Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

A Denial-of-Service Resistant Intrusion Detection Architecture

Published

Author(s)

Peter M. Mell, D G. Marks, Mark McLarnon

Abstract

As the capabilities of intrusion detection systems (IDS) advance, attackers may attempt to disable an organization's IDS before attempting to penetrate more valuable targets. As IDSs evolve into distributed systems withinterdependent components, they are becoming more vulnerable to such attacks. To counter this threat, we present an intrusion detection architecture which is resistant to denial-of-service attacks. The architecture frustrates attackers by making IDS components invisible to an attacker's normal means of seeing in a network. In the event of a successful attack, the architecture allows IDS components to relocate from attacked hosts to operational hosts thereby mitigating the effects of that attack. These capabilities are obtained by using mobile agent technology,utilizing network topology features, and by restricting the communication allowed between different types of IDS components.
Citation
Computer Networks
Volume
34
Issue
No. 4

Keywords

computer attacks, computer security, denial of service, intrusion detection, mobile agents, security models

Citation

Mell, P. , Marks, D. and McLarnon, M. (2000), A Denial-of-Service Resistant Intrusion Detection Architecture, Computer Networks, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=151228 (Accessed June 18, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 1, 2000, Updated February 17, 2017