Among the current information security prevention systems such as firewalls and intrusion detection systems, there exist several shortages such as alert overload, high false alarm rate, absence of effective alert management mechanism etc. As a result, there is a tremendous amount of alert data overload in the network, and this data could be redundant, irrelevant or meaningless. The result of this information flooding is the inability to correctly correlate the events to locate the security breach. In this paper, we aim to present the architecture of an integrated computer network defense system that is efficient, distributed and adaptable; in short, a good match for the dynamic environment of cloud computing. The use of peer-to-peer architecture is investigated for computer network defense. The architecture consists of an advanced intrusion detection system for identification of malicious traffic in such a manner that a centralized controller correlating the events is not overwhelmed by the deluge of alerts. We investigate the Content Addressable Network Distributed Hash Table for the event aggregation.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.