Classifying and responding to network intrusions

Author

  • Maria Papadaki
Abstract

Addressing security vulnerabilities and system intrusions can represent a significant administrative overhead in current computer systems. Although technologies exist for both vulnerability scanning and for intrusion detection, the problems typically require some form of human intervention before they can be rectified. Evidence suggests that, in many cases, this can lead to omissions or oversights in terms of protection, as administrators are forced to prioritise their attention to security amongst various other tasks (particularly within smaller organisations, where a dedicated security administration function is unlikely to be found). As a result, mechanisms for automated response to the issues are considered to be advantageous. The paper describes the problems associated with vulnerability analysis and intrusion response, and then proceeds to consider how, at a conceptual level, the issues could be addressed within the framework of a wider architecture for intrusion monitoring.

Advances in Information Security Management & Small Systems Security


Similar resources

An Expert System-Based Site Security Officer

A Site Security Officer (SSO) who is a network security staff that responds to alarms from an Intrusion Detection System (IDS), is always faced with the critical problem of low response time when the network becomes big. Even a skilled SSO is hard-pressed and less productive when collecting and analyzing IDS output manually as the frequency of intrusion increases. In this work, an Expert System...


Mining Network Data for Intrusion Detection through Naïve Bayesian with Clustering

Network security attacks are the violation of information security policy that received much attention to the computational intelligence society in the last decades. Data mining has become a very useful technique for detecting network intrusions by extracting useful knowledge from large number of network data or logs. Naïve Bayesian classifier is one of the most popular data mining algorithm fo...


Evolving Fuzzy Classifiers for Intrusion Detection

The normal and the abnormal behaviors in networked computers are hard to predict, as the boundaries cannot be well defined. This prediction process usually generates false alarms in many anomaly based intrusion detection systems. However, with fuzzy logic, the false alarm rate in determining intrusive activities can be reduced, where a set of fuzzy r...


Network Security Using Linux Intrusion Detection System

Attacks on the nation’s computer infrastructures are becoming an increasingly serious problem. Firewalls provide a certain amount of security, but can be fooled at times by attacks like IP spoofing and the so called authorized users. So an intelligent system that can detect attacks and intrusions is required. The tool GRANT (Global Realtime Analysis of Network Traffic) being a Linux based Intru...


Semi-supervised Random Forest for Intrusion Detection Network

In order to protect valuable computer systems, network data needs to be analyzed and classified so that possible network intrusions can be detected. Machine learning techniques have been used to classify network data. For supervised machine learning methods, they can achieve high accuracy at classifying network data as normal or malicious, but they require the availability of fully labeled data...



Publication date: 2004