Title :
A Traffic Classification Algorithm for Intrusion Detection
Author :
Abbes, Tarek ; Bouhoula, Adel ; Rusinowitch, Michaël
Author_Institution :
ISECS, Sfax
Abstract :
We propose in this paper a new intrusion detection method for supporting high speed traffic. As in firewalls and routers, we rely on packet classification to specialize the task of several network intrusions detection systems (NIDSs). We build several traffic classes regarding the network configuration and the traffic properties. Then we consider the NIDS characteristics to select for each class the suitable intrusion detection method. Our idea offers several advantages such as load balancing, fault tolerance and attack prevention. We express our traffic classification method by means of traffic division rules. Then we adequately construct the paths of these rules to reduce the overlapping cases. We transform the rule paths in a prefix trie that we complete by failure links to finally get a directed acyclic graph (DAG). We believe that our classification method is useful for other problems such as firewalling, routing and billing.
Keywords :
directed graphs; security of data; telecommunication security; telecommunication traffic; directed acyclic graph; network intrusions detection system; packet classification; traffic classification algorithm; traffic division rule; Acceleration; Classification algorithms; Engines; Inspection; Intrusion detection; Load management; Routing; Runtime; Telecommunication traffic; Transport protocols;
Conference_Titel :
Advanced Information Networking and Applications Workshops, 2007, AINAW '07. 21st International Conference on
Conference_Location :
Niagara Falls, Ont.
Print_ISBN :
978-0-7695-2847-2
DOI :
10.1109/AINAW.2007.62
