A Biologically Modeled Intrusion Detection System for Mobile Networks

Brian C. Williams, E. Fulp
{"title":"移动网络生物模型入侵检测系统","authors":"Brian C. Williams, E. Fulp","doi":"10.1109/BWCCA.2010.113","DOIUrl":null,"url":null,"abstract":"A computer security system is typically tasked with identifying an intrusion, which is defined as a set of actions that attempt to compromise, “the integrity, confidentiality, or availability of any resources provided by a computing system” [1] An attack on a computer system plays out in a series of sequential events, the granularity of which can vary drastically depending on the type of exploit. An intrusion detection system is tasked with monitoring a system or systems in order to look for these events as indicators of potential malicious behavior. Computer intrusion detection can be provided via signatures which describe the actions associated with an attack. In a world with constantly evolving threats combined with unique new attack vectors, maintaining signatures for every individual piece of malware becomes unwieldy. This is especially true in the mobile realm, where the additional processing power and battery capacity needed to handle high numbers of signatures adversely impacts the user experience and overall platform speed. As mobile devices become increasingly computer-like, complete with similar vulnerabilities and ever-increasing connectivity, their attractiveness to attackers has increased. Efficiently detecting threats across devices on a mobile network This paper introduces the Mobile Network Defense (MND), a lightweight intrusion detection system. MND is biologically-modeled on the behavior of a population of ants, giving it many advantages over traditional security measures. Each ant in the virtual colony has the ability to detect one specic metric of the current state of a computer. In combination, the results of these simple tests can point to specic attacks, while the dynamic nature of the MND offers performance benets over the traditional static setup. 
This paper will demonstrate how the biologically-modeled MND offers a 34% improvement in detection time over other agent-based systems, and provides more efficient intrusion detection platform than a static model with respect to CPU utilization, making the system attractive for use across many types of mobile devices.","PeriodicalId":196401,"journal":{"name":"2010 International Conference on Broadband, Wireless Computing, Communication and Applications","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-11-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A Biologically Modeled Intrusion Detection System for Mobile Networks\",\"authors\":\"Brian C. Williams, E. Fulp\",\"doi\":\"10.1109/BWCCA.2010.113\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A computer security system is typically tasked with identifying an intrusion, which is defined as a set of actions that attempt to compromise, “the integrity, confidentiality, or availability of any resources provided by a computing system” [1] An attack on a computer system plays out in a series of sequential events, the granularity of which can vary drastically depending on the type of exploit. An intrusion detection system is tasked with monitoring a system or systems in order to look for these events as indicators of potential malicious behavior. Computer intrusion detection can be provided via signatures which describe the actions associated with an attack. In a world with constantly evolving threats combined with unique new attack vectors, maintaining signatures for every individual piece of malware becomes unwieldy. This is especially true in the mobile realm, where the additional processing power and battery capacity needed to handle high numbers of signatures adversely impacts the user experience and overall platform speed. 
As mobile devices become increasingly computer-like, complete with similar vulnerabilities and ever-increasing connectivity, their attractiveness to attackers has increased. Efficiently detecting threats across devices on a mobile network This paper introduces the Mobile Network Defense (MND), a lightweight intrusion detection system. MND is biologically-modeled on the behavior of a population of ants, giving it many advantages over traditional security measures. Each ant in the virtual colony has the ability to detect one specic metric of the current state of a computer. In combination, the results of these simple tests can point to specic attacks, while the dynamic nature of the MND offers performance benets over the traditional static setup. This paper will demonstrate how the biologically-modeled MND offers a 34% improvement in detection time over other agent-based systems, and provides more efficient intrusion detection platform than a static model with respect to CPU utilization, making the system attractive for use across many types of mobile devices.\",\"PeriodicalId\":196401,\"journal\":{\"name\":\"2010 International Conference on Broadband, Wireless Computing, Communication and Applications\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-11-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 International Conference on Broadband, Wireless Computing, Communication and 
Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/BWCCA.2010.113\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 International Conference on Broadband, Wireless Computing, Communication and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/BWCCA.2010.113","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 3

Abstract

A computer security system is typically tasked with identifying an intrusion, which is defined as a set of actions that attempt to compromise “the integrity, confidentiality, or availability of any resources provided by a computing system” [1]. An attack on a computer system plays out in a series of sequential events, the granularity of which can vary drastically depending on the type of exploit. An intrusion detection system is tasked with monitoring a system or systems in order to look for these events as indicators of potential malicious behavior. Computer intrusion detection can be provided via signatures which describe the actions associated with an attack. In a world with constantly evolving threats combined with unique new attack vectors, maintaining signatures for every individual piece of malware becomes unwieldy. This is especially true in the mobile realm, where the additional processing power and battery capacity needed to handle high numbers of signatures adversely impact the user experience and overall platform speed. As mobile devices become increasingly computer-like, complete with similar vulnerabilities and ever-increasing connectivity, their attractiveness to attackers has increased. Efficiently detecting threats across devices on a mobile network This paper introduces the Mobile Network Defense (MND), a lightweight intrusion detection system. MND is biologically modeled on the behavior of a population of ants, giving it many advantages over traditional security measures. Each ant in the virtual colony has the ability to detect one specific metric of the current state of a computer. In combination, the results of these simple tests can point to specific attacks, while the dynamic nature of the MND offers performance benefits over the traditional static setup.
This paper will demonstrate how the biologically modeled MND offers a 34% improvement in detection time over other agent-based systems, and provides a more efficient intrusion detection platform than a static model with respect to CPU utilization, making the system attractive for use across many types of mobile devices.