Free English article on distributed intrusion detection systems over heterogeneous network architectures – Elsevier 2018

 

Article details
Article title: Scheduling framework for distributed intrusion detection systems over heterogeneous network architectures
Publication year: 2018
Page count (English article): 39 pages
Download cost: The English article is free.
Publisher database: Elsevier
Type of writing: Research article
Base article: This article is not a base article
Index: scopus – master journals – JCR
Article type: ISI
English article format: PDF
Impact factor (IF): 3.500 in 2017
H-index: 68 in 2018
SJR: 0.784 in 2018
Related fields: Computer engineering, information technology
Related specializations: Information security, cloud computing, computer architecture, networked systems, Internet and wide area networks
Presentation type: Journal
Journal / conference: Journal of Network and Computer Applications
University: Department of Computer Science Technology and Computation – University of Alicante – Spain
Keywords: Cyber security, Distributed Intrusion Detection System, Cloud computing, Internet of Things
DOI: https://doi.org/10.1016/j.jnca.2018.02.004
Product code: E10162

 

Article table of contents:
Highlights
Abstract
Graphical abstract
Keywords
1 Introduction
2 Related work
3 Proposed distributed IDS framework
4 Experimental design and results
5 Conclusion and future work
Acknowledgement
References
Vitae

Excerpt from the article:
Abstract

The evolving trends of mobility, cloud computing and collaboration have blurred the perimeter separating corporate networks from the wider world. These new tools and business models enhance productivity and present new opportunities for competitive advantage although they also introduce new risks. Currently, security is one of the most limiting issues for technological development in fields such as Internet of Things or Cyber-physical systems. This work contributes to the cyber security research field with a design that can incorporate advanced scheduling algorithms and predictive models in a parallel and distributed way, in order to improve intrusion detection in the current scenario, where increased demand for global and wireless interconnection has weakened approaches based on protection tasks running only on specific perimeter security devices. The aim of this paper is to provide a framework to properly distribute intrusion detection system (IDS) tasks, considering security requirements and variable availability of computing resources. To accomplish this, we propose a novel approach, which promotes the integration of personal and enterprise computing resources with externally supplied cloud services, in order to handle the security requirements. For example, in a business environment, there is a set of information resources that need to be specially protected, including data handled and transmitted by small mobile devices. These devices can execute part of the IDS tasks necessary for self-protection, but other tasks could be derived to other more powerful systems. This integration must be achieved in a dynamic way: cloud resources are used only when necessary, minimizing utility computing costs and security problems posed by cloud, but preserving local resources when those are required for business processes or user experience. In addition to satisfying the main objective, the strengths and benefits of the proposed framework can be explored in future research.
This framework provides the integration of different security approaches, including well-known and recent advances in intrusion detection as well as supporting techniques that increase the resilience of the system. The proposed framework consists of: (1) a controller component, which among other functions, decides the source and target hosts for each data flow; and (2) a switching mechanism, allowing tasks to redirect data flows as established by the controller scheduler. The proposed approach has been validated through a number of experiments. First, an experimental DIDS is designed by selecting and combining a number of existing IDS solutions. Then, a prototype implementation of the proposed framework, working as a proof of concept, is built. Finally, singular tests showing the feasibility of our approach and providing a good insight into future work are performed.

Introduction

Over the past decade, IT environments have become increasingly vulnerable. The evolving trends of mobility, cloud computing and collaboration, have blurred the perimeter separating corporate networks from the wider world. While increased mobility may make an organisation and its employees more productive, it also creates layers of complexity for securing the enterprise [1]. In the coming years, cyber attacks will almost certainly intensify. Networking technology vendor Cisco Systems forecasts that by 2020, 50 billion devices will be connected to the Internet, including a large portion of industrial, military and aerospace related devices and systems. Each new thing that connects to cyberspace is a potential target for a cyber attack [2]. One of the main approaches to information security and cyber security (see [3] for a discussion about the difference between these two terms) has been the development and deployment of intrusion detection systems (IDS) [4]. An IDS dynamically controls the operations that need to be considered in an environment by monitoring log files, network traffic or other sources. Then, it infers whether these actions indicate an attack or they are usual practices in the environment [5]. Many intrusion detection techniques, frameworks, projects, and products have been developed since the proposal of this approach. Currently, the interest of diverse IDS approaches is growing as shown by the recent works in anomaly detection [6, 7], wireless sensor networks [8], mobile agents [9], new statistical and machine learning techniques [10, 11, 12], smart grids [13], among many others. Taking into account the current scenario, where the network perimeter is increasingly complex, having a number of instances of IDS processes deployed in select interconnection devices and security solutions, has become ineffective. Furthermore, the classical “insiders” vs. “outsiders” distinction when referring to network attackers could be irrelevant, since an outsider computer can become internal without breaking any physical barrier by means of wireless network attacks (other reasons for fighting insider threats can be found in [14]). Ideally, an effective network IDS should be able to examine all the data flows between all computers regardless of its position in relation to corporate firewalls. Figure 1 gives a simplified view of this evolution of the connectivity and the implications on the required security processes.
