Abstract
In this monograph we have presented an abstraction-based approach to intrusion detection in distributed systems, where the component systems are usually heterogeneous and/or autonomous. To address heterogeneity and autonomy of distributed environments, the concept of system view was introduced to provide an abstract interface between different heterogeneous and autonomous systems. This concept borrows the idea from multi-databases that different database management systems share the schema-level information (i.e., the structure of the data) among each other. However, due to the semantics of intrusion detection, the notion of system view in our setting differs from its counter part in multi-databases in that it should be able to include the schema-level information about the system state as well. In general, system views serve two purposes. First, system views hide the difference between heterogeneous systems. Second, they describe what information an autonomous system is willing to provide to other system. System views constitute the foundation of the approaches to distributed intrusion detection presented in this monograph.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer Science+Business Media New York
About this chapter
Cite this chapter
Ning, P., Jajodia, S., Wang, X.S. (2004). Conclusion. In: Intrusion Detection in Distributed Systems. Advances in Information Security, vol 9. Springer, Boston, MA. https://doi.org/10.1007/978-1-4615-0467-2_9
Download citation
DOI: https://doi.org/10.1007/978-1-4615-0467-2_9
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4613-5091-0
Online ISBN: 978-1-4615-0467-2
eBook Packages: Springer Book Archive