The study of security mechanisms for intrusion detection system

摘要

Increasing illegal access on the Internet, there are many research of intrusion detection and some commercial intrusion detection systems (IDSs). But researchers have no attention of IDS's security, because they are too active to study of technique or mechanism for detecting intrusions automatically. When an intruder breaks into a computer system, he or she first detects system logs and kills the auditing processes provided for security tools such as IDS. So IDS's security is as important as a method of intrusion detection. Our IDS called IDA (Intrusion Detection Agent system) has not been considered security so far. We discuss about some security functions to protect IDA and other IDSs. We designed and implemented a protecting mechanism with LOMAC which is one of traditional mandatory access control models. We provide a new access model based on extended LOMAC which is added limited access mode to original one, as a result we can enhance security of IDSs.