Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
AINA
2008
IEEE
2008
IEEE
An Experience Improving Intrusion Detection Systems False Alarm Ratio by Using Honeypot
When traditional firewall and intrusion detection systems (IDS) are used to detect possible attacks from the network, they often make wrong decisions and block the legitimate connections. In this paper we propose a new architecture which is composed of distributed agents and honeypot. The main focus of our approach lies in reducing the false alarm rate of the attack detection. Using the honeypot scheme, this system is able to avoid many wrong decisions made by IDS. In this system alarming adversaries, initially detected by the IDS, will be rerouted to a honeypot network for a more close investigation. If as a result of this investigation, it is found that the alarm decision made by the IDS of the agent is wrong, the connection will be guided to the original destination in order to continue the previous interaction. This action is hidden to the user. Such a scheme significantly decreases the alarm rate and provides a higher performance of IDS. In this paper the architecture of the prop...
Real-time TrafficRelated Content
| Added | 28 May 2010 |
| Updated | 28 May 2010 |
| Type | Conference |
| Year | 2008 |
| Where | AINA |
| Authors | Babak Khosravifar, Jamal Bentahar |
Comments (0)
Researcher Info
|
