Behavior-Based Model of Detection and Prevention of Intrusions in Computer Networks

  • Conference paper
Computer Network Security (MMM-ACNS 2005)

Part of the book series: Lecture Notes in Computer Science (LNCCN, volume 3685)

Abstract

The paper describes a new intrusion detection and prevention model based on a state-machine formal grammar. This behavior-based model makes it possible to detect computer attacks by modeling normal network traffic. The parameters of normal network traffic are expressed in a formal grammar. Each data packet that violates these parameters is considered part of an intrusion and is blocked by network filters. The described model was implemented in the Intrusion Detection and Prevention System “Forpost” and successfully tested in a complex network environment.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Serdiouk, V. (2005). Behavior-Based Model of Detection and Prevention of Intrusions in Computer Networks. In: Gorodetsky, V., Kotenko, I., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2005. Lecture Notes in Computer Science, vol 3685. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11560326_29

  • DOI: https://doi.org/10.1007/11560326_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-29113-8

  • Online ISBN: 978-3-540-31998-6

  • eBook Packages: Computer Science, Computer Science (R0)