Modeling protocol based packet header anomaly detector for network and host intrusion detection systems

Cited by: 0
Authors
Shamsuddin, Solahuddin B. [1 ]
Woodward, Michael E. [1 ]
Affiliation
[1] Univ Bradford, Dept Comp, Sch Informat, Bradford BD7 1DP, W Yorkshire, England
Source
Keywords
anomaly; data base; network intrusion detection system;
DOI
Not available
Chinese Library Classification number
TP31 [Computer software];
Subject classification code
081202 ; 0835 ;
Abstract
This paper describes an experimental protocol based packet header anomaly detector for Network and Host Intrusion Detection System modelling, which analyses the behaviour of packet header field values based on the layer 2, 3 and 4 protocol fields of the ISO OSI Seven Layer Model for Networking. Our model, which we call the Protocol based Packet Header Anomaly Detector (PbPHAD) Intrusion Detection System, is designed to detect the anomalous behaviour of network traffic packets based on three specific network and transport layer protocols, namely UDP, TCP and ICMP, to identify the degree of maliciousness from a set of detected anomalous packets, identified from the sum of statistically modelled, individually rated anomalous field values.
Pages: 209 / 227
Page count: 19
Related papers
50 items in total
  • [11] Packet-vs. session-based modeling for intrusion detection systems
    Caulkins, BD
    Lee, JH
    Wang, M
    ITCC 2005: International Conference on Information Technology: Coding and Computing, Vol 1, 2005, : 116 - 121
  • [12] PAID: Packet analysis for anomaly intrusion detection
    Lee, Kuo-Chen
    Chang, Jason
    Chen, Ming-Syan
    ADVANCES IN KNOWLEDGE DISCOVERY AND DATA MINING, PROCEEDINGS, 2008, 5012 : 626 - 633
  • [13] Research of wavelet neural network based host intrusion detection systems
    Wang, Zimin
    Tan, Yonghong
    WAVELET ACTIVE MEDIA TECHNOLOGY AND INFORMATION PROCESSING, VOL 1 AND 2, 2006, : 1007 - +
  • [14] Proposals on assessment environments for anomaly-based network intrusion detection systems
    Bermudez-Edo, M.
    Salazar-Hernandez, R.
    Diaz-Verdejo, J.
    Garcia-Teodoro, P.
    CRITICAL INFORMATION INFRASTRUCTURES SECURITY, 2006, 4347 : 210 - +
  • [15] Modeling host status transition for network intrusion detection
    Kwak, M
    Cho, DS
    SAM '04: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND MANAGEMENT, 2004, : 421 - 426
  • [16] Anomaly Based Network Intrusion Detection with Unsupervised Outlier Detection
    Zhang, Jiong
    Zulkernine, Mohammad
    2006 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS, VOLS 1-12, 2006, : 2388 - 2393
  • [17] ANOMALY-BASED NETWORK INTRUSION DETECTION METHODS
    Nevlud, Pavel
    Bures, Miroslav
    Kapicak, Lukas
    Zdralek, Jaroslav
    ADVANCES IN ELECTRICAL AND ELECTRONIC ENGINEERING, 2013, 11 (06) : 468 - 474
  • [18] Review on Anomaly based Network Intrusion Detection System
    Samrin, Rafath
    Vasumathi, D.
    2017 INTERNATIONAL CONFERENCE ON ELECTRICAL, ELECTRONICS, COMMUNICATION, COMPUTER, AND OPTIMIZATION TECHNIQUES (ICEECCOT), 2017, : 141 - 147
  • [19] Anomaly intrusion detection system based on neural network
    Li, Yuan-Bing
    Fang, Ding-Yi
    Wu, Xiao-Nan
    Chen, Xiao-Jiang
    Xi Tong Gong Cheng Yu Dian Zi Ji Shu/Systems Engineering and Electronics, 2005, 27 (09): : 1648 - 1651
  • [20] Genetic algorithms in intrusion detection based on network anomaly
    Zhang, Feng-Bin
    Yang, Yong-Tian
    Jiang, Zi-Yang
    Tien Tzu Hsueh Pao/Acta Electronica Sinica, 2004, 32 (05): : 875 - 877