Title :
Application Level IDS using Protocol Analysis
Author :
Rajkumar, K.V. ; Vaidehi, V. ; Pradeep, S. ; Srinivasan, N. ; Vanishree, M.
Author_Institution :
Dept. of Electron. Eng., Madras Inst. of Technol., Chennai
Abstract :
As network attacks have increased in number and severity over the past few years, intrusion detection systems have become a necessary addition to the security infrastructure of most organizations. From a security perspective, firewalls and SSL offer little protection. Web traffic often contains attacks such as cross-site scripting and SQL injection that enter through port 80 and are not blocked by the firewall. Among the Web applications HTTP holds the majority share of the traffic transported through Web. In this paper, implementation of an application level IDS has been presented which uses combination of pattern matching and protocol analysis approaches. The first method of detection relies on a multi pattern matching within the protocol fields, the second one provides an efficient decision tree adaptive to the application traffic characteristics to limit the number of patterns to be checked. The proposed IDS can be effectively implemented in a high performance semantic processor
Keywords :
Internet; authorisation; computer crime; decision trees; pattern matching; telecommunication security; telecommunication traffic; transport protocols; HTTP; SSL; Web traffic; application level IDS; decision tree; firewall; high performance semantic processor; intrusion detection system; network attack; pattern matching; protocol analysis; Detectors; Event detection; Intrusion detection; Network servers; Pattern analysis; Pattern matching; Performance analysis; Protocols; Telecommunication traffic; Web server;
Conference_Titel :
Signal Processing, Communications and Networking, 2007. ICSCN '07. International Conference on
Conference_Location :
Chennai
Print_ISBN :
1-4244-0997-7
Electronic_ISBN :
1-4244-0997-7
DOI :
10.1109/ICSCN.2007.350762