Title :
IDS Adaptation for an Efficient Detection in High-Speed Networks
Author :
Zaidi, Abdelhalim ; Kenaza, Tayeb ; Agoulmine, Nazim
Author_Institution :
CNRS IBISC Lab., Univ. of Evry Val d´´Essonne, Evry, France
Abstract :
Intrusion Detection Systems are essential in a network security solution. However, with the significant development of network technologies, the current IDS architecture does not support high-speed communications. Therefore, improving the performance of IDS is a major concern for researchers. In this paper, we present a model of intrusion detection based on the classification of network connections. Our approach is based on the principle of an intelligent loss. We propose a classification model based on the principle that a connection is either malicious or not. In the first case, the connection must be handled by the IDS; otherwise we can ignore it. This method reduces significantly the network flow sent to the IDS with a tolerance of an error threshold. This threshold can be adjusted by the updating process of the classification model.
Keywords :
pattern classification; security of data; IDS architecture; error threshold tolerance; high-speed networks; intelligent loss principle; intrusion detection systems; network connection classification; Degradation; Delay; High-speed networks; IP networks; Intrusion detection; Monitoring; Performance analysis; Protection; Telecommunication traffic; Traffic control; classification; filtering; high-speed intrusion detection; learning;
Conference_Titel :
Internet Monitoring and Protection (ICIMP), 2010 Fifth International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-1-4244-6726-6
DOI :
10.1109/ICIMP.2010.10
