Network-Based Intrusion Detection
Gábor Hosszú (Budapest University of Technology and Economics, Budapest, Hungary) and Zoltán Czirkos (Budapest University of Technology and Economics, Budapest, Hungary)
Copyright: © 2008
As an example of an application for non-conventional purposes, the article presents a security system that uses just the network to protect the operating systems of the computers. The software maintains a database of the intrusion attempts it has experienced. Its entities, working on each computer, share their experiences with one another over the peer-to-peer (P2P) overlay network that they create by self-organizing on the Internet. In this way the security of the participants is increased, and they can take the necessary steps.
Key Terms in this Chapter
Overlay Network: The applications that create an ALN work together and usually follow the P2P communication model.
Client-Server Model: A way of communicating in which one hardware or software entity (the server) has more functionality than the other entity (the client), whereas the client is responsible for initiating and closing the communication session with the server. Usually the server provides services that the client can request. Its alternative is the P2P model.
Firewall: A host or router that provides a strict gateway to the Internet for a subnetwork, checking traffic and possibly dropping some network packets.
Security Policy: A set of rules to act on, which also includes the expectations and provisions regarding the accessibility of the computer for users and administrators. It is worth drawing up before initiating medium- or large-sized computer networking systems.
Application Level Network (ALN): Applications running on hosts can create a virtual network from their logical connections. This is also called an overlay network. The operation of such software entities cannot be understood without knowing their logical relations. In most cases these ALN software entities use the P2P model, not the client/server one, for communication.
Data Integrity: The integrity of a computer system means that the host behaves and works as its administrator intended. Data integrity must therefore always be monitored.
Peer-to-Peer (P2P) Model: A way of communicating in which each node has the same authority and communication capability. The nodes create a virtual network, overlaid on the Internet. Its members organize themselves into a topology for data transmission. Each peer provides services the others can use, and each peer sends requests to the other ones.