Abstract:
Without detection of a network intrusion, a system is not capable of properly defending itself. Therefore, the first step in preserving system integrity is to detect whether or not the system is under attack. We initiated a research project that utilizes training-based computation for network intrusion detection. The goal of this project is to defend the system from unknown attacks. Packet analysis approaches are effective at detecting known attacks, but fail at unknown attack detection. In order to protect the system from unknown attacks, we need to develop a classifier system which is independent of the signatures found in network packets. One of the promising ways to perform this classification is to profile kernel-level activities. We apply a probabilistically optimal classifier ensemble method to monitor kernel activity, and ultimately to predict whether or not the system is under attack.
Date of Conference: 25-29 July 2004
Date Added to IEEE Xplore: 10 January 2005
Print ISBN: 0-7803-8353-2
Print ISSN: 1098-7584