We apologize for a recent technical issue with our email system, which temporarily affected account activations. Accounts have now been activated. Authors may proceed with paper submissions. PhDFocusTM
CFP last date
20 November 2024
Reseach Article

Article:Novel Architecture for Intrusion-Tolerant Distributed Intrusion Detection System using Packet Filter Firewall and State Transition Tables

by Dr. S.G. Bhirud, Vijay Katkar
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 8 - Number 11
Year of Publication: 2010
Authors: Dr. S.G. Bhirud, Vijay Katkar
10.5120/1248-1631

Dr. S.G. Bhirud, Vijay Katkar . Article:Novel Architecture for Intrusion-Tolerant Distributed Intrusion Detection System using Packet Filter Firewall and State Transition Tables. International Journal of Computer Applications. 8, 11 ( October 2010), 29-32. DOI=10.5120/1248-1631

@article{ 10.5120/1248-1631,
author = { Dr. S.G. Bhirud, Vijay Katkar },
title = { Article:Novel Architecture for Intrusion-Tolerant Distributed Intrusion Detection System using Packet Filter Firewall and State Transition Tables },
journal = { International Journal of Computer Applications },
issue_date = { October 2010 },
volume = { 8 },
number = { 11 },
month = { October },
year = { 2010 },
issn = { 0975-8887 },
pages = { 29-32 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume8/number11/1248-1631/ },
doi = { 10.5120/1248-1631 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T19:57:06.839744+05:30
%A Dr. S.G. Bhirud
%A Vijay Katkar
%T Article:Novel Architecture for Intrusion-Tolerant Distributed Intrusion Detection System using Packet Filter Firewall and State Transition Tables
%J International Journal of Computer Applications
%@ 0975-8887
%V 8
%N 11
%P 29-32
%D 2010
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Tremendous efforts have been taken over many years to secure the network against attacks; still attackers are successful with painful frequency. Experienced attackers try to disable the Intrusion Detection System (IDS) before launching attack. Therefore there should be some mechanism in IDS for uninterrupted detection of intrusion even though failure in IDS has occurred due to attacks. This paper presents the design and implementation of Novel Intrusion-Tolerant Distributed Intrusion Detection System using Packet Filter Firewall and State Transition Tables. Proposed architecture is immune to both, failure of IDS components and compromised IDS components. This architecture is capable of restricting the effect of network attacks like DoS, DDoS and Probing to a subset of network. Experimental results prove the usefulness and efficiency of this architecture.

References
  1. Liwei Kuang, Mohammad Zulkernine, “An Intrusion-Tolerant Mechanism for Intrusion Detection Systems”, The Third International Conference on Availability, Reliability and Security, ISBN: 0-7695-3102-4, IEEE 2008
  2. Feng Zhao, Qing-Hua Li1, Li Jin, “An Intrusion-Tolerant Intrusion Detection Method Based On Real-Time Sequence Analysis”, Fifth International Conference on Machine Learning and Cybernetics, Dalian, ISBN: 1-4244-0060-0, IEEE 2006
  3. Paulo Sousa, Alysson Neves Bessani, Miguel Correia,Nuno Ferreira Neves, Paulo Verissimo, “Resilient Intrusion Tolerance through Proactive and Reactive Recovery”, 13th IEEE International Symposium on Pacific Rim Dependable Computing, ISBN: 0-7695-3054-0, IEEE 2007
  4. Hui Zhao, Shanhong Zheng ,Wanlong Li, LiJuan Zhang, “A Network Intrusion-Tolerant System Based on Adaptive Algorithm”, 5th International Conference on Wireless Communications, Networking and Mobile Computing ISBN: 978-1-4244-3693-4, IEEE 2009
  5. Xiaohong Qu, Zhijie Liu , Xiaoyao Xie, “Research on Distributed Intrusion Detection System Based on Protocol Analysis”, IEEE 2009
  6. Senda Hammouda, Lilia Maalej, Zouheir Trabelsi, “Towards Optimized TCP/IP Covert Channels Detection, IDS and Firewall Integration”, ISBN: 978-2-9532443-0-4, IEEE 2008
  7. Hamed Salehi, Hossein Shirazi, Reza Askari Moghadam, “Increasing overall network security by integrating Signature-Based NIDS with Packet Filtering Firewall”, International Joint Conference on Artificial Intelligence, ISBN: 978-0-7695-3615-6, IEEE 2009
  8. Zongpu Jia, Shufen Liu, Guowei Wang, “Research and Design of NIDS Based on Linux Firewall”, 1 st International Symposium on Pervasive Computing and Applications, IEEE 2006
  9. Duanyang Zhao, Qingxiang Xu, Zhilin Feng, “Analysis and Design for Intrusion Detection System Based on Data Mining”, Second International Workshop on Education Technology and Computer Science, ISBN: 978-0-7695-3987-4, IEEE 2010
  10. Mohammad Akbarpour Sekeh, Mohd. Aizaini bin Maarof, “Fuzzy Intrusion Detection System via Data Mining Technique With Sequences of System Calls”, Fifth International Conference on Information Assurance and Security, ISBN: 978-0-7695-3744-3, IEEE 2009
  11. Ming-Yang Su, Kai-Chi Chang, Hua-Fu Wei, and Chun-Yuen Lin, “A Real-time Network Intrusion Detection System Based on Incremental Mining Approach”, ISBN: 1-4244-2415-3, IEEE 2008
  12. Mrs. P. Kola Sujatha Dr. A. Kannan S. Ragunath K. Sindhu Bargavi S. Githanjali, “A Behavior Based Approach to Host-Level Intrusion Detection using Self-organizing Maps”, First International Conference on Emerging Trends in Engineering and Technology, ISBN: 978-0-7695-3267-7, IEEE 2008
Index Terms

Computer Science
Information Sciences

Keywords

Firewall Intrusion-Tolerance DoS attack NIDS Distributed IDS