Abstract
In this paper we present an adaptive detection and coordination system consisting of an anomaly detector and a misuse detector, combined by lightweight neural networks, that synchronizes with specific data control of a proxy server. The proposed method can correct false positives of the anomaly detector for unusual changes in the segment monitored by the subsequent misuse detector. The orthogonal outputs of these two detectors can be used as the switching condition between the parameter settings and the protective data modification of the proxy. For the unseen attacks our model detects, the forwarding delay time set in the proxy server according to the detection intervals enables us to protect the system faster and effectively prevent the malicious code from spreading.
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ando, R., Takefuji, Y. (2003). Two-Stage Orthogonal Network Incident Detection for the Adaptive Coordination with SMTP Proxy. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_37
DOI: https://doi.org/10.1007/978-3-540-45215-7_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40797-3
Online ISBN: 978-3-540-45215-7
eBook Packages: Springer Book Archive