Intrusion detection systems have usually been developed using large host-based components. These components impose an extra load on the system where they run (sometimes even
requiring a dedicated system) and are subject to tampering or disabling by an intruder. Additionally,
intrusion detection systems have usually obtained information about host behavior through indirect
means, such as audit trails or network packet traces. This potentially allows intruders to modify the
information before the intrusion detection system obtains it and slows down the detection and
prevention of DoS attacks, making it possible for an intruder to hide his activities. In this paper we
propose work that will attempt to show that it is possible to perform intrusion detection mechanism
of DoS attacks using small sensors embedded in a computer system. These sensors will look for
signs of specific intrusions. They will perform target monitoring by observing the behavior of the
through an audit trail or other indirect means in real time while the Snort IDS running. Furthermore,
by being built into the computer system it could provide a flexible alert sensor which may not
impose a considerable extra load on the host they monitor.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.