Abstract
Intrusions are one of the most important issues in the current Internet environment. Therefore, a lot of researchers and companies elaborated countermeasure techniques such as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). These systems detect intrusions and prevent attackers from succeeding in their intrusion attempts. They usually rely on pattern matching and therefore, work efficiently on known-attacks. However, they do not work efficiently on unknown-attacks such as zero-day attacks and targeted attacks. This means, we should assume that our machines can be corrupted anytime. Therefore, we should consider what we can do under this assumption for a next generation security framework. In this paper, we propose a new intrusion detection methodology using the support of other machines. In our proposal, when an attacker tries to attack other machines from a corrupted machine that the attacker has already intruded, other machines notify it to the administrator of the corrupted machine. Then, the attacker may lose the corrupted machine. Therefore, the attacker restrains itself from imprudently attacking other machines. This will suppress the propagation of corrupted machines in the Internet.
| Original language | English |
|---|---|
| Pages | 206-212 |
| Number of pages | 7 |
| DOIs | |
| Publication status | Published - 2008 |
| Event | 12th IEEE International Workshop on Future Trends of Distributed Computing Systems, FTDCS 2008 - Kunming, China Duration: Oct 21 2008 → Oct 23 2008 |
Other
| Other | 12th IEEE International Workshop on Future Trends of Distributed Computing Systems, FTDCS 2008 |
|---|---|
| Country/Territory | China |
| City | Kunming |
| Period | 10/21/08 → 10/23/08 |
All Science Journal Classification (ASJC) codes
- Software
- Hardware and Architecture
- Computer Networks and Communications