Title :
Cooperative intrusion detection model based on scenario
Author :
Teng, Shaohua ; Zhang, Wei ; Fu, Xiufen ; Tan, Wenwei
Author_Institution :
Guangdong Univ. of Technol., Guangzhou
Abstract :
When a new intrusion means is developed, many intrusion methods can be derived by exchanging the command sequences or by replacing commands with the functionally similar commands, which makes the detection of the developed intrusion very difficult. To overcome this problem, a cooperative intrusion detection model based on scenario is proposed, which is consisted of 5 layers. Topological order, isomorphic transformation and state transition analysis method are applied in the text. For an intrusion case we generate all the possible derived intrusions as an intrusion base. Based on this intrusion base, we present an efficient method to detect such intrusions by using finite automaton. Further, we apply data fusion to analysis suspicious data. A derived intrusion can be seen as an unknown intrusion, in this sense the technique presented in this paper can detect some unknown intrusions.
Keywords :
computer networks; finite automata; groupware; security of data; cooperative intrusion detection model; data fusion; finite automaton; isomorphic transformation; state transition analysis method; topological order; Automata; Collaborative work; Data analysis; Data mining; Data security; Fusion power generation; High-speed networks; Intrusion detection; Leak detection; Postal services; CSCW; intrusion detection; scenario; state transition;
Conference_Titel :
Computer Supported Cooperative Work in Design, 2007. CSCWD 2007. 11th International Conference on
Conference_Location :
Melbourne, Vic.
Print_ISBN :
1-4244-0963-2
Electronic_ISBN :
1-4244-0963-2
DOI :
10.1109/CSCWD.2007.4281552
