Abstract
This paper proposes a network-based Intrusion Detection System (IDS) that efficiently detects attacks based on malformed packets, which continue to increase along with more intelligent and skillful hacking techniques. The system first extracts the important features from network packets, analyzes simple attacks, and detects IP fragmentation attacks. It then collects information from the SA and the FA, together with other unusual information related to the malformed packet. Finally, it judges whether an intrusion has occurred on the basis of information gathered from target systems by CAs. The simulation result shows 0% false positives, 0% false negatives, and a 100% detection ratio, confirming the accuracy of the proposed IDS in detecting fragmentation attacks.
This work was supported by the Brain Korea 21 Project in 2006.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jeon, JC., Choi, EY., Yoo, KY. (2006). Agent-Based Real Time Intrusion Detection System Against Malformed Packet Attacks. In: Shi, ZZ., Sadananda, R. (eds) Agent Computing and Multi-Agent Systems. PRIMA 2006. Lecture Notes in Computer Science, vol 4088. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11802372_98
DOI: https://doi.org/10.1007/11802372_98
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36707-9
Online ISBN: 978-3-540-36860-1
eBook Packages: Computer Science (R0)