• DocumentCode
    238428
  • Title

    A flow based method to detect penetration

  • Author

    Shangdong Liu ; Jian Gong ; Jianxin Chen ; Yanbing Peng ; Wang Yang ; Weiwei Zhang ; Jakalan, Ahmad

  • Author_Institution
    Key Lab. of Comput. Network Technol. of Jiangsu Province, Southeast Univ., Nanjing, China
  • fYear
    2014
  • fDate
    14-16 Nov. 2014
  • Firstpage
    184
  • Lastpage
    191
  • Abstract
    With the rapid expansion of the Internet, network security has become more and more important. IDS (Intrusion Detection System) is an important technology coping network attacks and is of two main types: network based (NIDS) and host based (HIDS). In this paper, we propose the conception of NFPPB (Network Flow Patterns of Penetrating Behavior) to network vulnerable ports and design a NIDS algorithm to detect infiltration behaviors of attacker. Essentially, NFPPB is a set of metrics calculated by network activities exploiting the vulnerabilities of hosts. The paper investigates choosing, generation and comparison of NFPPB metrics. Experiments show that the method is effective and with high efficiency. At last, the paper addresses the future direction and the points that need to be improved.
  • Keywords
    computer network security; IDS; flow based method; intrusion detection system; network attacks; network flow patterns of penetrating behavior; network security; network vulnerable ports; Educational institutions; IP networks; Law; Measurement; Ports (Computers); Security; Flow Records; IDS; Infiltration Detection; Penetration Detection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Advanced Infocomm Technology (ICAIT), 2014 IEEE 7th International Conference on
  • Conference_Location
    Fuzhou
  • Print_ISBN
    978-1-4799-5454-4
  • Type

    conf

  • DOI
    10.1109/ICAIT.2014.7019551
  • Filename
    7019551
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=238428