Sciweavers

DEXAW
2008
IEEE

Experiences on Designing an Integral Intrusion Detection System

14 years 7 months ago
Experiences on Designing an Integral Intrusion Detection System
Network Intrusion Detection Systems (NIDS) have the challenge to prevent network attacks and unauthorised remote use of computers. In order to achieve this goal, NIDS usually follow two different strategies. The first one aims at detecting forbidden usage of the network and the second one concentrates on finding illegitimate behaviour. The first methodology accomplishes its goal by defining all possible attacks and the second by modelling the normal usage to detect anything that does not fit on that muster; this difference has rendered both alternatives so far incompatible. In previous works we have presented ESIDE-Depian, the first inherently unified misuse and anomaly detector. This paper focuses on the problems and difficulties that arose in the integration process and the solutions designed to overcome them.
Yoseba K. Penya, Pablo Garcia Bringas
Added 29 May 2010
Updated 29 May 2010
Type Conference
Year 2008
Where DEXAW
Authors Yoseba K. Penya, Pablo Garcia Bringas
Comments (0)