Show simple item record

dc.contributor.authorHolz, Thomas
dc.contributor.authorMeier, Michael
dc.contributor.authorKönig, Hartmut
dc.contributor.editorKnop, Jan Von
dc.contributor.editorHaverkamp, Wilhelm
dc.contributor.editorJessen, Eike
dc.date.accessioned2019-10-16T09:34:27Z
dc.date.available2019-10-16T09:34:27Z
dc.date.issued2003
dc.identifier.isbn3-88579-373-3
dc.identifier.issn1617-5468
dc.identifier.urihttp://dl.gi.de/handle/20.500.12116/29272
dc.description.abstractIn recent years research activities in computer network security focus more actively on the development of effective methods in intrusion detection. The reason for this development is the rapidly increasing potential of threats to social, economical, and military information stored in information technology (IT) systems. Powerful and practically applicable mechanisms are required to protect critical infrastructures. Intrusion detection systems have been proven as a powerful means for the detection of IT security violations. They provide protection of computer and network resources by automatic detection of security violations. Some of these systems are able to initiate appropriate intrusion response actions. The crucial point for realtime applications, especially for host-based audit analysis, is the detection speed. In the paper we present the distributed intrusion detection infrastructure HEIDI which tackles this problem. HEIDI provides a module system based on sensors and agents to set up tailored intrusion detection systems for real-time applications. The basic features of the HEIDI approach are a distributed analysis functionality, the handling of overload situations, and a dynamic configurability. Furthermore, the problem of time-consuming audit analysis is compensated by integration of StraFER, a new signature match algorithm.en
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofSecurity, E-learning, E-Services, 17. DFN-Arbeitstagung über Kommunikationsnetze
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-44
dc.titleHigh-efficient intrusion detection infrastructureen
dc.typeText/Conference Paper
dc.pubPlaceBonn
mci.reference.pages217-232
mci.conference.sessiontitleRegular Research Papers
mci.conference.locationDüsseldorf
mci.conference.date2003


Files in this item

Thumbnail

Show simple item record