Date Added: Feb 2011
Intrusion Detection Systems (IDS) offer valuable measures to cope with today's attacks on computers and networks. But the increasing performance of networks and end systems and the growing complexity of IT systems lead to rapidly growing volumes of observation data and large signature bases. Therefore, IDS are forced to drop observations in high load situations offering chances to attackers to act undetectable. The authors introduce an efficient dynamically adaptable, distributed approach for a multi-step signature based IDS. Finally, they discuss initial performance evaluations of a prototype implementation and motivate future work scopes.