Mell, P.
, Marks, D.
and McLarnon, M.
(2000),
A Denial-of-Service Resistant Intrusion Detection Architecture, Computer Networks, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=151228
(Accessed May 25, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
A Denial-of-Service Resistant Intrusion Detection Architecture
Published
Author(s)
, ,
Abstract
As the capabilities of intrusion detection systems (IDS) advance, attackers may attempt to disable an organization's IDS before attempting to penetrate more valuable targets. As IDSs evolve into distributed systems withinterdependent components, they are becoming more vulnerable to such attacks. To counter this threat, we present an intrusion detection architecture which is resistant to denial-of-service attacks. The architecture frustrates attackers by making IDS components invisible to an attacker's normal means of seeing in a network. In the event of a successful attack, the architecture allows IDS components to relocate from attacked hosts to operational hosts thereby mitigating the effects of that attack. These capabilities are obtained by using mobile agent technology,utilizing network topology features, and by restricting the communication allowed between different types of IDS components.Citation
Computer Networks
Volume
34
Issue
No. 4
Pub Type
Journals
Download Paper
Keywords
computer attacks, computer security, denial of service, intrusion detection, mobile agents, security models
Citation
Issues
If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.
Created October 1, 2000, Updated February 17, 2017