Title :
Research of intrusion detection system based on vulnerability scanner
Author :
Yang, Guangming ; Chen, Dongming ; Xu, Jian ; Zhu, Zhiliang
Author_Institution :
Software Coll. of Northeastern Univ., Shenyang, China
Abstract :
Feature matching is an important way of network intrusion detection system. With the increasing of attack types, rule database becomes more and more larger and the course of matching also becomes increasingly complex, which makes IDS easily to lose packets. For the problem above, two kinds of signature customization methods which based on open ports and CVE number are designed in this paper. These methods integrate the IDS and vulnerability scanner, help the misuse NIDS to select appropriate signature for the protected host and eliminate unnecessary signature matching through not modifying too much programs and setting the values of NIDS. Some experiments have been done on testing the integrated system. The results show that IDS can reduce the detection rules, useless alerts and improve detection efficiency after customization signature.
Keywords :
computer network security; IDS; feature matching; network intrusion detection system; signature customization methods; vulnerability scanner; Appropriate technology; Databases; Detection algorithms; Educational institutions; High-speed networks; Information security; Intrusion detection; Protection; Protocols; System testing; CVE; NIDS; signature customization; vulnerability scanner;
Conference_Titel :
Advanced Computer Control (ICACC), 2010 2nd International Conference on
Conference_Location :
Shenyang
Print_ISBN :
978-1-4244-5845-5
DOI :
10.1109/ICACC.2010.5486762
