NIDH - Network Intrusion Detection Hierarchy A Model for Gathering Attack Intelligence
ABSTRACT
Internet proxy systems such as Squid exchange intelligence relevant to their function as caching proxy servers via a distributed and trusted hierarchy of machines. The required intelligence is broadcast based along the network based upon established trust relationships throughout the connected network via specific port and protocols of exchange. An intrusion detection system that incorporates this functionality for gathering attack intelligence could be a formidable foe even for the wiliest attacker.
This paper will outline a possible model for the deployment of a network/distributed network intrusion detection system utilising technologies and techniques already in existence to provide the supporting infrastructure.
AUTHORS
E-commerce Security and Risk Management, Edith Cowan University
Australia
Craig Valli is a member of the School of MIS at Edith Cowan University where he lectures in E-commerce Security and Risk Management. He is currently completing a DBA and is pursuing a thesis in the area of Network Security. Mr Valli’s professional background is in network and security management. His research interests are in active network monitoring, defensive deception, intrusion detection, social engineering and trust.
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive
