Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SP
2002
IEEE
2002
IEEE
Stateful Intrusion Detection for High-Speed Networks
As networks become faster there is an emerging need for security analysis techniques that can keep up with the increased network throughput. Existing network-based intrusion detection sensors can barely keep up with bandwidths of a few hundred Mbps. Analysis tools that can deal with higher throughput are unable to maintain state between different steps of an attack or they are limited to the analysis of packet headers. We propose a partitioning approach to network security analysis that supports in-depth, stateful intrusion detection on high-speed links. The approach is centered around a slicing mechanism that divides the overall network traffic into subsets of manageable size. The traffic partitioning is done so that a single slice contains all the evidence necessary to detect a specific attack, making sensorto-sensor interactions unnecessary. This paper describes the approach and presents a first experimental evaluation of its effectiveness.
Real-time TrafficIntrusion Detection | Intrusion Detection Sensors | Security Analysis | Security Privacy | SP 2002 |
| Added | 23 Dec 2010 |
| Updated | 23 Dec 2010 |
| Type | Journal |
| Year | 2002 |
| Where | SP |
| Authors | Christopher Krügel, Fredrik Valeur, Giovanni Vigna, Richard A. Kemmerer |
Comments (0)
Researcher Info
|
