Sciweavers

ECBS
2007
IEEE

Alert Fusion for a Computer Host Based Intrusion Detection System

Intrusions pose tremendous threats to today’s computer hosts. Intrusions using security breaches to achieve unauthorized access or misuse of critical information can have catastrophic consequences. To protect computer hosts from the increasing threat of intrusion, various kinds of Intrusion Detection Systems (IDSs) have been developed. The main disadvantages of current IDSs are a high false detection rate and the lack of post-intrusion decision support capability. To minimize these drawbacks, we propose an event-driven intrusion detection architecture which integrates Subject-Verb-Object (SVO) multi-point monitors and an impact analysis engine. Alert fusion and verification models are implemented to provide more reasonable intrusion information from incomplete, inconsistent or imprecise alerts acquired by SVO monitors. DEVS formalism is used to describe the model-based design approach. Finally, we use the DEVS-JAVA simulation tool to show the feasibility of the proposed system.
Added 18 Oct 2010
Updated 18 Oct 2010
Type Conference
Year 2007
Where ECBS
Authors Chuan Feng, Jianfeng Peng, Haiyan Qiao, Jerzy W. Rozenblit