一种混合入侵检测和可视化系统

13th Annual IEEE International Symposium and Workshop on Engineering of Computer-Based Systems (ECBS'06) Pub Date : 2006-03-27 DOI:10.1109/ECBS.2006.8

Jianfeng Peng, Chuan Feng, J. Rozenblit

{"title":"一种混合入侵检测和可视化系统","authors":"Jianfeng Peng, Chuan Feng, J. Rozenblit","doi":"10.1109/ECBS.2006.8","DOIUrl":null,"url":null,"abstract":"Network attacks have become the fundamental threat to today's largely interconnected computer systems. Unauthorized activities and unauthorized access account for a large proportion of these networks. Unauthorized accesses and misuse of critical data can be catastrophic to businesses, emergency services, and even threaten the defense and security of a nation. Intrusion detection system (IDS) is indispensable to defend the system in the face of increasing vulnerabilities. This paper proposes a hybrid intrusion detection and visualization system that leverages the advantages of current signature-based and anomaly detection methods. The hybrid instruction detection system deploys these two methods in a two-staged manner to identify both known and novel attacks. When intrusion is detected, autonomous agents that reside on the system automatically take actions against misuse and abuse of computer system, thus protecting the system from internal and external attacks","PeriodicalId":430872,"journal":{"name":"13th Annual IEEE International Symposium and Workshop on Engineering of Computer-Based Systems (ECBS'06)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"A hybrid intrusion detection and visualization system\",\"authors\":\"Jianfeng Peng, Chuan Feng, J. Rozenblit\",\"doi\":\"10.1109/ECBS.2006.8\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Network attacks have become the fundamental threat to today's largely interconnected computer systems. Unauthorized activities and unauthorized access account for a large proportion of these networks. Unauthorized accesses and misuse of critical data can be catastrophic to businesses, emergency services, and even threaten the defense and security of a nation. Intrusion detection system (IDS) is indispensable to defend the system in the face of increasing vulnerabilities. This paper proposes a hybrid intrusion detection and visualization system that leverages the advantages of current signature-based and anomaly detection methods. The hybrid instruction detection system deploys these two methods in a two-staged manner to identify both known and novel attacks. When intrusion is detected, autonomous agents that reside on the system automatically take actions against misuse and abuse of computer system, thus protecting the system from internal and external attacks\",\"PeriodicalId\":430872,\"journal\":{\"name\":\"13th Annual IEEE International Symposium and Workshop on Engineering of Computer-Based Systems (ECBS'06)\",\"volume\":\"34 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-03-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"13th Annual IEEE International Symposium and Workshop on Engineering of Computer-Based Systems (ECBS'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ECBS.2006.8\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"13th Annual IEEE International Symposium and Workshop on Engineering of Computer-Based Systems (ECBS'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ECBS.2006.8","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 16

摘要

网络攻击已经成为当今大部分相互连接的计算机系统的根本威胁。未经授权的活动和未经授权的访问占这些网络的很大比例。未经授权的访问和滥用关键数据可能对企业、应急服务造成灾难性影响，甚至威胁到一个国家的国防和安全。面对日益增多的安全漏洞，入侵检测系统是防御系统不可缺少的手段。本文利用当前基于特征和异常检测方法的优点，提出了一种混合入侵检测和可视化系统。混合指令检测系统以两阶段的方式部署这两种方法来识别已知和新的攻击。当检测到入侵时，驻留在系统上的自治代理自动采取措施防止计算机系统的误用和滥用，从而保护系统免受内部和外部攻击

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A hybrid intrusion detection and visualization system

Network attacks have become the fundamental threat to today's largely interconnected computer systems. Unauthorized activities and unauthorized access account for a large proportion of these networks. Unauthorized accesses and misuse of critical data can be catastrophic to businesses, emergency services, and even threaten the defense and security of a nation. Intrusion detection system (IDS) is indispensable to defend the system in the face of increasing vulnerabilities. This paper proposes a hybrid intrusion detection and visualization system that leverages the advantages of current signature-based and anomaly detection methods. The hybrid instruction detection system deploys these two methods in a two-staged manner to identify both known and novel attacks. When intrusion is detected, autonomous agents that reside on the system automatically take actions against misuse and abuse of computer system, thus protecting the system from internal and external attacks

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

13th Annual IEEE International Symposium and Workshop on Engineering of Computer-Based Systems (ECBS'06)

自引率

0.00%

发文量