Research Article
Intrusion Detection in Dos Attacks
|
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
|
| Volume 15 - Issue 8 |
| Published: February 2011 |
| Authors: P.Rajapandian, Dr.K.Alagarsamy |
10.5120/1967-2634
|
P.Rajapandian, Dr.K.Alagarsamy . Intrusion Detection in Dos Attacks. International Journal of Computer Applications. 15, 8 (February 2011), 33-37. DOI=10.5120/1967-2634
@article{ 10.5120/1967-2634,
author = { P.Rajapandian,Dr.K.Alagarsamy },
title = { Intrusion Detection in Dos Attacks },
journal = { International Journal of Computer Applications },
year = { 2011 },
volume = { 15 },
number = { 8 },
pages = { 33-37 },
doi = { 10.5120/1967-2634 },
publisher = { Foundation of Computer Science (FCS), NY, USA }
}
%0 Journal Article
%D 2011
%A P.Rajapandian
%A Dr.K.Alagarsamy
%T Intrusion Detection in Dos Attacks%T
%J International Journal of Computer Applications
%V 15
%N 8
%P 33-37
%R 10.5120/1967-2634
%I Foundation of Computer Science (FCS), NY, USA
Abstract
Different signature or misuse based intrusion detection techniques; anomaly detection is accomplished of detecting novel attacks. However, the use of anomaly detection in practice is vulnerable by a high rate of false alarms. Pattern based techniques have been shown to make a low rate of false alarms, but are not as efficient as anomaly detection in detecting novel attacks, particularly when it comes to network probing and Denial-Of-Service (DOS) attacks. In this paper we find a new approach that merge pattern-based and anomaly-based intrusion detection, mitigating the weak point of the two approaches while increasing their strengths. Our approach begins with network protocols, and expands these state machines with information about statistics that need to be maintained to detect anomalies.
References
- Andersons. D., Lunt.T , H. Javitz, Tamaru.A, and A. Valdes, Next-Generation Intrusion Detection Expert System (NIDES): A Summary, SRI-CSL-95-07, SRI International paper, 1995.
- Bowen ,. T., Chee.D., Segal. M., Sekar.R., Uppuluri.P, and Shanbhag. T., Building Survivable Systems: An Integrated Approach Based on Intrusion Detection and Confinement, DISCEX 2000.
- Chan .P.K and Stolfo.S, Toward parallel and distributed learning by metalearning, AAAI workshop in Knowledge Discovery in Databases, 1993.
- Denning.D, An Intrusion Detection Model, IEEE Trans. on Software Engineering, Feb 1987.
- Forrest.S, Hofmeyr.S and Somayaji.A, Computer Immunology, Comm. of ACM 40(10), 1997.
- Ghosh.A, Schwartzbard.A and Schatz.M, Learning Program Behavior Profiles for Intrusion Detection, 1st USENIX Workshop on Intrusion Detection and Network Monitoring, 2009.
- Haines.J, Lippmann.R, Fried.D, Tran.E, Boswell.S and Zissman.M, 2009 DARPA Intrusion Detection System Evaluation: Design and Procedures, MIT Lincoln Laboratory Technical Report TR-1062, 2001.
- Heberlein.L et al, A Network Security Monitor, Symposium on Research Security and Privacy, 1990.
- Hochberg.J et al, NADIR: An Automated System for Detecting Network Intrusion and Misuse, Computers and Security 12(3), May 1993.
- Jakobson .Gand M. Weissman, Alarm Correlation, IEEE Network, Vol. 7, No. 6., 1993.
- Ko.C, M. Ruschitzka and K. Levitt, Execution Monitoring of Security-Critical Programs in Distributed Systems: A Pattern-Based Approach, IEEE Symposium on Security and Privacy, 1997.
- Kumar.S and Spafford.E, A Pattern-Matching Model for Intrusion Detection, Nat’ Computer Security Conference, 1994.
- Lee.W and Stolfo.S, Data Mining Approaches for Intrusion Detection, USENIX Security Symposium, 1998.
- Lippmann.R, Fried.D, Graf.I, Haines.J, Kendall.K, McClung.D, D. Weber, S. Webster, D. Wyschogrod, R. Cunningham and M. Zissman, Evaluating Intrusion Detection Systems: The 1998 DARPA Off-line Intrusion Detection Evaluation, Proceedings of the DARPA Information Survivability Conference and Exposition, 2000.
- McCanne.S and Jacobson.V, The BSD Packet Filter: A New Architecture for User-level Packet Capture, Lawrence Berkeley Laboratory, Berkeley, CA, 1992.
- Mukherjee.B, Heberlein.L and Levitt.K Network Intrusion Detection, IEEE Network, May/June 1994.
- Paxson,.V Bro: A System for Detecting Network Intruders in Real-Time, USENIX Security Symposium, 1998.
- Porras.P and Valdes.A, Live Traffic Analysis of TCP/IP Gateways,Networks and Distributed Systems Security Symposium, 1998.
- Porras.P and Neumann.P, EMERALD: Event Monitoring Enabled Responses to Anomalous Live Disturbances, National Information Systems Security Conference, 1997.
- Porras.P and Kemmerer.K, Penetration State Transition Analysis:A Rule based Intrusion Detection Approach, Eighth Annual Computer Security Applications Conference, 1992.
- Roesch.M, Snort: Lightweight intrusion detection for networks, USENIX LISA Conference, 2009.
- Sekar.R, Guang.Y, Shanbhag.T and Verma.S, A High-Performance Network Intrusion Detection System, ACM Computer and Communication Security Conference, 2009.
- Sekar.R and Uppuluri.P, Synthesizing Fast Intrusion Prevention/Detection Systems from High-Level Patterns, USENIX Security Symposium, 2009.
- Taylor .C and Alves.J-Foss. NATE - Networks Analysis of Anomalous Traffic Events, A Low-Cost Approach, New Security Paradigms Workshop, 2001.
- Vigna.G and Kemmerer.R, NetSTAT: A Network-based Intrusion Detection Approach, Computer Security Applications Conference, 1998
Index Terms
Keywords