DocumentCode :
3263076
Title :
Scenario based threat detection and attack analysis
Author :
Hsiu, Pi-Cheng ; Kuo, Chin-Fu ; Kuo, Tei-Wei ; Juan, Eric Y T
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., National Taiwan Univ., Taipei, Taiwan
fYear :
2005
fDate :
11-14 Oct. 2005
Firstpage :
279
Lastpage :
282
Abstract :
This paper targets two essential issues in intrusion detection system designs: the optimization of rule selection and the attack discovery in attack analysis. A scenario-based approach is proposed to correlate malicious packets and to intelligently select intrusion detection rules to fire. We propose algorithms for rule selection and attack scenario identification. Potential threats and their relationship for a gateway and Web-server applications are explored as an example in the study. The proposed algorithms are implemented over Snort, a signature-based intrusion detection system, for which we have some encouraging performance evaluation results.
Keywords :
Internet; security of data; Snort; Web-server application; attack analysis; attack discovery; attack scenario identification; intrusion detection rule; malicious packet; rule selection; signature-based intrusion detection system; threat detection; Acceleration; Computer science; Databases; Design optimization; Fires; Information security; Intelligent sensors; Intrusion detection; Testing; Web server;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Security Technology, 2005. CCST '05. 39th Annual 2005 International Carnahan Conference on
Print_ISBN :
0-7803-9245-0
Type :
conf
DOI :
10.1109/CCST.2005.1594819
Filename :
1594819