Description of bad-signatures for network intrusion detection
نویسندگان
چکیده
Today, a computer network is under constant assault from attacks. In Computer Science, NIDS are used in order to protect a computer network against these intrusions. These systems normally use stochastic approaches or a rule-based system to detect intrusions and to describe the known intrusions. These systems have some disadvantages which we solve with a new approach called ANIMA. ANIMA stores bad-signatures of intrusions in directed and weighted graphs as well as returns for each checked-packet a value how malicious the packet is. The primary advantages of ANIMA are the online-system, adaptation, easy administration and storage-saving. In this article, we discuss the approach ANIMA for intrusion detection, the advantages and disadvantages, the implementation as well as the results occurred out of the simulations that ANIMA for intrusion detection works well in bad-packet-identification as well as the implementation substantiates the theoretical advantages.
منابع مشابه
تولید خودکار الگوهای نفوذ جدید با استفاده از طبقهبندهای تک کلاسی و روشهای یادگیری استقرایی
In this paper, we propose an approach for automatic generation of novel intrusion signatures. This approach can be used in the signature-based Network Intrusion Detection Systems (NIDSs) and for the automation of the process of intrusion detection in these systems. In the proposed approach, first, by using several one-class classifiers, the profile of the normal network traffic is established. ...
متن کاملMoving dispersion method for statistical anomaly detection in intrusion detection systems
A unified method for statistical anomaly detection in intrusion detection systems is theoretically introduced. It is based on estimating a dispersion measure of numerical or symbolic data on successive moving windows in time and finding the times when a relative change of the dispersion measure is significant. Appropriate dispersion measures, relative differences, moving windows, as well as tec...
متن کاملThe Orchids Intrusion Detection Tool
ORCHIDS is an intrusion detection tool based on techniques for fast, on-line model-checking. Temporal formulae are taken from a temporal logic tailored to the description of intrusion signatures. They are checked against merged network and system event flows, which together form a linear Kripke structure.
متن کاملIntrusion Detection in Mobile Adhoc Network
: Now a day’s wireless communication has rapid enhancement as demand for wireless network goes on increasing. One of the most popular and growing network is Mobile Adhoc Network as no of mobile users are users are incremented day by day. Mobile Adhoc Network (MANET) is infrastuctureless network so it is applicable in various fields for communications such as rescue operations, tactical operatio...
متن کاملA New Method for Intrusion Detection Using Genetic Algorithm and Neural Network
The article attempts to have neural network and genetic algorithm techniques present a model for classification on dataset. The goal is design model can the subject acted a firewall in network and this model with compound optimized algorithms create reliability and accuracy and reduce error rate couse of this is article use feedback neural network and compared to previous methods increase a...
متن کامل