IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Intrusion Detection Based on P2P Software

Intrusion Detection Based on P2P Software
View Sample PDF
Author(s): Zoltán Czirkos (Budapest University of Technology and Economics, Hungary) and Gábor Hosszú (Budapest University of Technology and Economics, Hungary)
Copyright: 2009
Pages: 7
Source title: Encyclopedia of Information Science and Technology, Second Edition
Source Author(s)/Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-60566-026-4.ch353

Purchase

View Intrusion Detection Based on P2P Software on the publisher's website for pricing and purchasing information.

Abstract

The importance of the network security problems come into prominence by the growth of the Internet. The article presents a new kind of software, which uses just the network, to protect the hosts and increase their security. The hosts running this software create an Application Level Network (ALN) over the Internet. Nodes connected to this ALN check their operating systems’ log files to detect intrusion attempts. Information collected is then shared over the ALN to increase the security of all peers, which can then make the necessary protection steps by oneself. The developed software is named Komondor (Czirkos, 2006), which is a famous Hungarian guard dog. The novelty of the system Komondor is that Komondor nodes of each host create a Peer-To-Peer (P2P) overlay network. Organization is automatic; it requires no user interaction. This network model ensures stability, which is important for quick and reliable communication between nodes. By this build-up, the system remains useful over the unstable network. The use of the peer-to-peer network model for this purpose is new in principle. Test results proved its usefulness. With its aid, real intrusion attempts were blocked. This software is intended to mask the security holes of services provided by the host, not to repair them. For this it does not need to know about the security hole in detail. It can provide some protection in advance, but only if somewhere on the network an intrusion was already detected. It does not fix the security hole, but keeps the particular attacker from further activity.

Related Content

Christine Kosmopoulos. © 2022. 22 pages.
Melkamu Beyene, Solomon Mekonnen Tekle, Daniel Gelaw Alemneh. © 2022. 21 pages.
Rajkumari Sofia Devi, Ch. Ibohal Singh. © 2022. 21 pages.
Ida Fajar Priyanto. © 2022. 16 pages.
Murtala Ismail Adakawa. © 2022. 27 pages.
Shimelis Getu Assefa. © 2022. 17 pages.
Angela Y. Ford, Daniel Gelaw Alemneh. © 2022. 22 pages.
Body Bottom