Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
AUSDM
2008
Springer
2008
Springer
Service-independent payload analysis to improve intrusion detection in network traffic
The popularity of computer networks broadens the scope for network attackers and increases the damage these attacks can cause. In this context, Intrusion Detection Systems (IDS) are included as part of any complete security package. This work focuses on nIDSs which work by scanning the network traffic. A serviceindependent payload processing approach is presented to increase detection rates in non-flood attacks. Three different techniques for payload processing are proposed and they are shown to be able to efficiently detect some of the attack types. Moreover, the proper integration of the knowledge of the different techniques, payload-based and packet header-based, always improves the results. This work leads us to conclude that payload analysis can be used in a general manner, with no service- or port-specific modelling, to detect attacks in network traffic..
Real-time Traffic| Added | 12 Oct 2010 |
| Updated | 12 Oct 2010 |
| Type | Conference |
| Year | 2008 |
| Where | AUSDM |
| Authors | Iñigo Perona, Ibai Gurrutxaga, Olatz Arbelaitz, José Ignacio Martín, Javier Muguerza, Jesús M. Pérez |
Comments (0)
Researcher Info
|
