Intrusion Detection Based on P2P Software

Intrusion Detection Based on P2P Software

Zoltán Czirkos, Gábor Hosszú
ISBN13: 9781605660264|ISBN10: 1605660264|EISBN13: 9781605660271
DOI: 10.4018/978-1-60566-026-4.ch353
Cite Chapter Cite Chapter

MLA

Czirkos, Zoltán, and Gábor Hosszú. "Intrusion Detection Based on P2P Software." Encyclopedia of Information Science and Technology, Second Edition, edited by Mehdi Khosrow-Pour, D.B.A., IGI Global, 2009, pp. 2232-2238. https://doi.org/10.4018/978-1-60566-026-4.ch353

APA

Czirkos, Z. & Hosszú, G. (2009). Intrusion Detection Based on P2P Software. In M. Khosrow-Pour, D.B.A. (Ed.), Encyclopedia of Information Science and Technology, Second Edition (pp. 2232-2238). IGI Global. https://doi.org/10.4018/978-1-60566-026-4.ch353

Chicago

Czirkos, Zoltán, and Gábor Hosszú. "Intrusion Detection Based on P2P Software." In Encyclopedia of Information Science and Technology, Second Edition, edited by Mehdi Khosrow-Pour, D.B.A., 2232-2238. Hershey, PA: IGI Global, 2009. https://doi.org/10.4018/978-1-60566-026-4.ch353

Export Reference

Mendeley
Favorite

Abstract

The importance of the network security problems come into prominence by the growth of the Internet. The article presents a new kind of software, which uses just the network, to protect the hosts and increase their security. The hosts running this software create an Application Level Network (ALN) over the Internet. Nodes connected to this ALN check their operating systems’ log files to detect intrusion attempts. Information collected is then shared over the ALN to increase the security of all peers, which can then make the necessary protection steps by oneself. The developed software is named Komondor (Czirkos, 2006), which is a famous Hungarian guard dog. The novelty of the system Komondor is that Komondor nodes of each host create a Peer-To-Peer (P2P) overlay network. Organization is automatic; it requires no user interaction. This network model ensures stability, which is important for quick and reliable communication between nodes. By this build-up, the system remains useful over the unstable network. The use of the peer-to-peer network model for this purpose is new in principle. Test results proved its usefulness. With its aid, real intrusion attempts were blocked. This software is intended to mask the security holes of services provided by the host, not to repair them. For this it does not need to know about the security hole in detail. It can provide some protection in advance, but only if somewhere on the network an intrusion was already detected. It does not fix the security hole, but keeps the particular attacker from further activity.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.