Constraint-based Trend Template for Intrusion Detection

نویسندگان

  • Md. Ahsan Habib
  • Krisna Prasad Pawdel
  • Mohammad Rajiullah
  • Prashanta Man Shrestha
چکیده

Intrusion detection systems (IDS) are special computer security tools which help detect intrusion attempts. Misuse based detection is one of the techniques which is used by IDS to recognize predefined attack signatures. Attack languages, also known as detection languages, are used to describe attack signatures. Detection languages should be simple, expressive and flexible enough to help encode event signature accurately and conveniently. This paper shows the effectiveness of constraint based Trend Template (TT) as an efficient detection language by encoding some attack scenarios and focusing on the Trend Detector which recognizes those signatures from intrusion data.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Survey of Anomaly Detection Approaches in Internet of Things

Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion Detection System is required to detect and to prevent attacks from malicious nodes. In this ...

متن کامل

A Hybrid Framework for Building an Efficient Incremental Intrusion Detection System

In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use boosting ensemble of weak classifiers to implement misuse intrusion detection system. It can identify new classes types of intrusions that do not exist in the training dataset for incremental misuse detection. As...

متن کامل

On using Constraints for Network Intrusion Detection

In this work we present a domain specific language for network intrusion detection that allows to describe network intrusions composed by several network packets, using a declarative approach to describe the desirable network situations, and based on that description, a set of parameterizations for network intrusion detection mechanisms based on Constraint Programming(CP) will execute to find t...

متن کامل

A New Intrusion Detection System to deal with Black Hole Attacks in Mobile Ad Hoc Networks

By extending wireless networks and because of their different nature, some attacks appear in these networks which did not exist in wired networks. Security is a serious challenge for actual implementation in wireless networks. Due to lack of the fixed infrastructure and also because of security holes in routing protocols in mobile ad hoc networks, these networks are not protected against attack...

متن کامل

Assessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing

Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:
  • JSW

دوره 3  شماره 

صفحات  -

تاریخ انتشار 2008