DocumentCode :
2394651
Title :
Network Intrusion Detection: Using MDLcompress for deep packet inspection
Author :
Eiland, E. Earl ; Evans, Scott C. ; Markham, T. Stephen ; Barnett, Bruce ; Impson, Jeremy ; Steinbrecher, Eric
Author_Institution :
Gen. Electr. Global Res., Niskayuna, NY
fYear :
2008
fDate :
16-19 Nov. 2008
Firstpage :
1
Lastpage :
7
Abstract :
We apply MDLcompress, a grammar inference engine, to network intrusion detection (NID). We specifically target HTTP payload analysis of deep packet inspection (DPI) utilizing the DARPA 1999 data sets for our normal network traffic base and create modern attack traffic using Nessus. Our approach accurately detected over 98% of the attacks compared with literature reports of approximately 95% accuracy rate on HTTP attacks.
Keywords :
grammars; inference mechanisms; security of data; HTTP pay analysis; MDLcompress; deep packet inspection; grammar inference engine; network intrusion detection; network traffic; Computer crime; Computer security; Doped fiber amplifiers; Engines; Error analysis; Inspection; Intrusion detection; Payloads; Telecommunication traffic; Web server;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Military Communications Conference, 2008. MILCOM 2008. IEEE
Conference_Location :
San Diego, CA
Print_ISBN :
978-1-4244-2676-8
Electronic_ISBN :
978-1-4244-2677-5
Type :
conf
DOI :
10.1109/MILCOM.2008.4753180
Filename :
4753180