{"title":"An efficient distributed intrusion detection scheme","authors":"Thomas Holz","doi":"10.1109/CMPSAC.2004.1342666","DOIUrl":null,"url":null,"abstract":"In general, intrusion detection systems are accurate and comfortable instruments for securing computer and network resources. But one of the great unsolved problems of deploying such systems in real-life environments is the low efficiency, especially in the context of applying the host-based attack identification paradigm. In this paper, a new approach for overcoming the efficiency problem is presented: HEIDI (high-efficient intrusion detection infrastructure). By this approach, flexible and efficiency-oriented modules and mechanisms are combined to obtain a distributed intrusion detection scheme.","PeriodicalId":355273,"journal":{"name":"Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004.","volume":"44 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2004-09-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 28th Annual International Computer Software and Applications Conference, 2004. COMPSAC 2004.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CMPSAC.2004.1342666","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 10
Abstract
In general, intrusion detection systems are accurate and comfortable instruments for securing computer and network resources. But one of the great unsolved problems of deploying such systems in real-life environments is the low efficiency, especially in the context of applying the host-based attack identification paradigm. In this paper, a new approach for overcoming the efficiency problem is presented: HEIDI (high-efficient intrusion detection infrastructure). By this approach, flexible and efficiency-oriented modules and mechanisms are combined to obtain a distributed intrusion detection scheme.