A practical approach for Distributed IDS

摘要

Currently, the organizations/ networks are using multiple layers of Firewalls, Intrusion Detection Systems (IDS), and Access Control Lists of Routers etc. for tracing the criminals. These systems are mainly developed to lake preventive steps based on identified policies. They are not capable of responding to emerging threats in real-time and update remotely regarding emerging vulnerability. Many a times the information recorded at other sensors like server audit trail; Virus scanner can reveal significant information. Further, voice, symbol, gestures, coded language detection is very important for crime detection. Scalability to large size (Terra bits per second) capacity is major issue. There is an immediate need for a distributed and efficient system to monitor information from multiple sensors across the networks simultaneously in realtime. Unfortunately, standards for exchanging this information are still evolving. Considering these limitations, this article proposes distributed solution, which helps Law enforcing agencies in crime detection. Pilot system was tested for some of the desired features and observations recorded.