Intrusion Detection Networks: A Key to Collaborative Security

Carol Fung, Raouf Boutaba

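  • Publisher: Auerbach Publication
  • Publication date: 2013-11-19
  • Price: $3,980
  • Member price: $3,781 (95% of list price)
  • Language: English
  • Pages: 261
  • Binding: Hardcover
  • ISBN: 1466564121
  • ISBN-13: 9781466564121
  • Related category: Information Security
  • Ships immediately (stock < 3)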

Product description

The rapidly increasing sophistication of cyber intrusions makes them nearly impossible to detect without the use of a collaborative intrusion detection network (IDN). Using overlay networks that allow an intrusion detection system (IDS) to exchange information, IDNs can dramatically improve your overall intrusion detection accuracy.

Intrusion Detection Networks: A Key to Collaborative Security focuses on the design of IDNs and explains how to leverage effective and efficient collaboration between participant IDSs. Providing a complete introduction to IDSs and IDNs, it explains the benefits of building IDNs, identifies the challenges underlying their design, and outlines possible solutions to these problems. It also reviews the full range of proposed IDN solutions—analyzing their scope, topology, strengths, weaknesses, and limitations.

  • Includes a case study that examines the applicability of collaborative intrusion detection to real-world malware detection scenarios
  • Illustrates distributed IDN architecture design
  • Considers trust management, intrusion detection decision making, resource management, and collaborator management

The book provides a complete overview of network intrusions, including their potential damage and corresponding detection methods. Covering the range of existing IDN designs, it elaborates on privacy, malicious insiders, scalability, free-riders, collaboration incentives, and intrusion detection efficiency. It also provides a collection of problem solutions to key IDN design challenges and shows how you can use various theoretical tools in this context.

The text outlines comprehensive validation methodologies and metrics to help you improve efficiency of detection, robustness against malicious insiders, incentive-compatibility for all participants, and scalability in network size. It concludes by highlighting open issues and future challenges.
