As Internet becomes more and more ubiquitous, security is an increasingly important topic. Furthermore, private networks are expanding and security threats from within the network have to be cautioned. For these large networks, which are generally high-speed and with several segments, Intrusion Detection System (IDS) placement usually comes down to a compromise between investment and monitoring ability. One common solution in these cases, is to use more than one IDS scattered across the network, thus raising the amount invested and administrative power to operate. Another solution is to collect data through sensors and send it to one IDS via an Ethernet hub or switch. This option normally tends to overload the hub/switch port where the IDS is connected. This document presents a new solution, for networks with a star topology, where a single IDS is coupled to the network’s core router. This solution allows the IDS to monitor every different network segment attached to the router in a round-robin fashion. Practical implementation issues and operational implications of this solution are also analyzed and discussed.
An Efficient Intrusion Detection System for Networks with Centralized Routing
Paulo F. Andrade,Fernando M. Silva,Carlos Ribeiro
Published 2007 in International Conference on Security and Cryptography
ABSTRACT
PUBLICATION RECORD
- Publication year
2007
- Venue
International Conference on Security and Cryptography
- Publication date
Unknown publication date
- Fields of study
Computer Science, Engineering
- Identifiers
- External record
- Source metadata
Semantic Scholar
CITATION MAP
EXTRACTION MAP
CLAIMS
- No claims are published for this paper.
CONCEPTS
- No concepts are published for this paper.
REFERENCES
Showing 1-9 of 9 references · Page 1 of 1
CITED BY
Showing 1-2 of 2 citing papers · Page 1 of 1