SISTEMA DE DETECÇÃO DE INTRUSÃO EM REDES BASEADO EM SOA (NIDS-SOA) PARA SUPORTAR A INTEROPERABILIDADE ENTRE IDS S: APLICAÇÃO AO NIDIA

Detalhes bibliográficos
Ano de defesa: 2012
Autor(a) principal: COSTA, Wagner Elvio de Loiola lattes
Orientador(a): ABDELOUAHAB, Zair lattes
Banca de defesa: Labidi, Sofiane lattes
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: por
Instituição de defesa: Universidade Federal do Maranhão
Programa de Pós-Graduação: PROGRAMA DE PÓS-GRADUAÇÃO EM ENGENHARIA DE ELETRICIDADE/CCET
Departamento: Engenharia
País: BR
Palavras-chave em Português:
IDS
Palavras-chave em Inglês:
IDS
Área do conhecimento CNPq:
Link de acesso: http://tedebc.ufma.br:8080/jspui/handle/tede/497
Resumo: The antivirus system and firewall are protection systems designed to prevent malicious work in the network, thus constituting a barrier to invaders (e.g. vírus, worms e hackers). However, there is no guarantee a full protection to network and computers, invasions can occur by exploiting vulnerabilities, known, and allow running programs remotely, changing privileges within the system and the dissemination of important information. In this case, Intrusion Detection System IDS (Intrusion Detection System) allows the detection of intrusions and subsequent notification to the network administrator or, in conjunction with the firewall blocks the port used in the invasion or the IP address of the attacker. An important factor for the intrusion detection is the quality of subscriber base. However IDS systems are isolated systems and the interoperability among different vendors IDS is complex and difficult to implement. Existing IDS systems in the literature, including the IDS NIDIA (Instrusion-Detection System Network Intrusion Detection System based on Intelligent Agents) are isolated systems, are not easily reused. Generally, they communicate using different protocols and are designed with different programming paradigms. In this work it is proposed an architecture based on the philosophy SOA (Service Oriented Architecture) to support interoperability between IDS systems. The IDS-NIDIA will be adapted and extended according to the SOA philosophy, containing layers of web services in order to provide a static service composition between the layers of the application and reuse of information with other IDS s.