An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
A Denial-of-Service Resistant Intrusion Detection Architecture
Published
Author(s)
Peter M. Mell, D G. Marks, Mark McLarnon
Abstract
As the capabilities of intrusion detection systems (IDS) advance, attackers may attempt to disable an organization's IDS before attempting to penetrate more valuable targets. As IDSs evolve into distributed systems withinterdependent components, they are becoming more vulnerable to such attacks. To counter this threat, we present an intrusion detection architecture which is resistant to denial-of-service attacks. The architecture frustrates attackers by making IDS components invisible to an attacker's normal means of seeing in a network. In the event of a successful attack, the architecture allows IDS components to relocate from attacked hosts to operational hosts thereby mitigating the effects of that attack. These capabilities are obtained by using mobile agent technology,utilizing network topology features, and by restricting the communication allowed between different types of IDS components.
computer attacks, computer security, denial of service, intrusion detection, mobile agents, security models
Citation
Mell, P.
, Marks, D.
and McLarnon, M.
(2000),
A Denial-of-Service Resistant Intrusion Detection Architecture, Computer Networks, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=151228
(Accessed December 7, 2023)