Loading [a11y]/accessibility-menu.js
Potential application of training based computation to intrusion detection | IEEE Conference Publication | IEEE Xplore

Potential application of training based computation to intrusion detection


Abstract:

Without detection of a network intrusion, a system is not capable of properly defending itself. Therefore, the first step in preserving system integrity is to detect whet...Show More

Abstract:

Without detection of a network intrusion, a system is not capable of properly defending itself. Therefore, the first step in preserving system integrity is to detect whether or not the system is under attack. We initiated a research project that utilizes training based computation for network intrusion detection. The goal of this project is to defend the system from unknown attacks. Packet analysis approaches are effective at detecting known attacks, but fail at unknown attack detection. In order to protect the system from unknown attacks, we need to develop a classifier system which is independent of the signatures found in network packets. One of the promising ways to perform this classification is to profile kernel level activities. We apply a probabilistically optimal classifier ensemble method to monitor kernel activity, and ultimately to predict whether or not the system is under attack.
Date of Conference: 25-29 July 2004
Date Added to IEEE Xplore: 10 January 2005
Print ISBN:0-7803-8353-2
Print ISSN: 1098-7584
Conference Location: Budapest, Hungary

References

References is not available for this document.