ICEIS
2008
IEEE

Next-Generation Misuse and Anomaly Prevention System

Abstract. Network Intrusion Detection Systems (NIDS) aim at preventing network attacks and unauthorised remote use of computers. More accurately, depending on the kind of attack it targets, an NIDS can be oriented to detect misuses (by defining all possible attacks) or anomalies (by modelling legitimate behaviour and detecting those that do not fit that model). Still, since their problem knowledge is restricted to possible attacks, misuse detection fails to notice anomalies and vice versa. Against this, we present here ESIDE-Depian, the first unified misuse and anomaly prevention system based on Bayesian Networks to analyse network packets completely, and the strategy to create a consistent knowledge model that integrates misuse and anomaly-based knowledge. The training process of the Bayesian network may become intractable very fast in some extreme situations; we also present a method to cope with this problem. Finally, we evaluate ESIDE-Depian against well-known and new attack...
Pablo Garcia Bringas, Yoseba K. Penya
Added 30 May 2010
Updated 30 May 2010
Type Conference
Year 2008
Where ICEIS
Authors Pablo Garcia Bringas, Yoseba K. Penya