Authors: Paulo F. Andrade; Fernando Mira da Silva and Carlos Ribeiro
Affiliation: Instituto Superior Técnico, Universidade Técnica de Lisboa, Portugal
Keyword(s): Intrusion Detection Systems, Switch-based Networks, Security Analysis.
Related Ontology Subjects/Areas/Topics: Information and Systems Security; Intrusion Detection & Prevention
Abstract:
As the Internet becomes more and more ubiquitous, security is an increasingly important topic. Furthermore, private networks are expanding, and security threats from within the network must be guarded against. For these large networks, which are generally high-speed and have several segments, Intrusion Detection System (IDS) placement usually comes down to a compromise between money invested and monitored services. One common solution in these cases is to use more than one IDS scattered across the network, thus raising the amount invested and the administrative effort needed to operate them. Another solution is to collect data through sensors and send it to one IDS via an Ethernet hub or switch. This option normally tends to overload the hub/switch port where the IDS is connected.
This paper presents a new solution, for networks with a star topology, where an IDS is coupled to the network’s core router. This solution allows the IDS to monitor every different network segment attached to the router in a round-robin fashion.