Host-based Intrusion Detection Using Signature-based and AI-driven Anomaly Detection Methods
نویسندگان
چکیده
منابع مشابه
Host-Based Anomaly Intrusion Detection
Network security has become an essential component of any computer network. Despite significant advances having been made on network-based intrusion prevention and detection, ongoing attacks penetrating network-based security mechanisms have been reported. It is being realized that network-based security mechanisms such as firewalls or intrusion detection systems (IDS) are not effective in dete...
متن کاملUSAID: Unifying Signature-Based and Anomaly-Based Intrusion Detection
Most intrusion detection techniques suffer from either an inability to detect unknown intrusions, or unacceptably high false alarm rates. However, there lacks a general basis to analyze and find solutions to these problems. In this paper, we propose such a theoretical basis for intrusion detection, which makes it possible to systematically express and analyze the detection performance metrics s...
متن کاملAssessment Methodology for Anomaly-Based Intrusion Detection in Cloud Computing
Cloud computing has become an attractive target for attackers as the mainstream technologies in the cloud, such as the virtualization and multitenancy, permit multiple users to utilize the same physical resource, thereby posing the so-called problem of internal facing security. Moreover, the traditional network-based intrusion detection systems (IDSs) are ineffective to be deployed in the cloud...
متن کاملEarly Warning and Intrusion Detection based on Combined AI Methods
In this paper we survey the architecture and AI aspects in our project on early warningand intrusion detection based on combined AI methods. We address the problem of alarm assessment in intrusion detection and use plan reconstruction based on hierarchically organised procedural knowledge that contains descriptions of adversary actions. Reconstructed plans are supposed to correlate events and a...
متن کاملHost-Based Intrusion Detection Using User Signatures
An intrusion occurs when an attacker gains unauthorized access to a valid user’s account and performs disruptive behavior while masquerading as that user. The attacker may harm the user’s account directly and can use it to launch attacks on other accounts or machines. Developing “signatures” of users of a computer system is a useful method for detecting when this scenario happens. Our approach ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Information & Security
سال: 2021
ISSN: ['0861-5160', '1314-2119']
DOI: https://doi.org/10.11610/isij.5016