Description of bad-signatures for network intrusion detection

10 years 1 months ago
Description of bad-signatures for network intrusion detection
Today, a computer network is under constant assault from attacks. In Computer Science, NIDS are used in order to protect a computer network against these intrusions. These systems normally use stochastic approaches or a rule-based system to detect intrusions and to describe the known intrusions. These systems have some disadvantages which we solve with a new approach called ANIMA. ANIMA stores bad-signatures of intrusions in directed and weighted graphs as well as returns for each checked-packet a value how malicious the packet is. The primary advantages of ANIMA are the online-system, adaptation, easy administration and storage-saving. In this article, we discuss the approach ANIMA for intrusion detection, the advantages and disadvantages, the implementation as well as the results occurred out of the simulations that ANIMA for intrusion detection works well in bad-packet-identification as well as the implementation substantiates the theoretical advantages.
Michael Hilker, Christoph Schommer
Added 30 Oct 2010
Updated 30 Oct 2010
Type Conference
Year 2006
Where ACSW
Authors Michael Hilker, Christoph Schommer
Comments (0)