• DocumentCode
    460848
  • Title

    An Attack-Feedback-Based Approach for Verifying the Success of Intrusion Attempts

  • Author

    Tian, Zhi-hong ; Li, Bin ; Zhang, Hong-Li

  • Author_Institution
    Res. Center of Comput. Network & Inf. Security Technol., Harbin Inst. of Technol.
  • Volume
    1
  • fYear
    2006
  • fDate
    Nov. 2006
  • Firstpage
    629
  • Lastpage
    632
  • Abstract
    It is well-known that current intrusion detection systems produce large numbers of false alerts. Those low quality alerts make it very hard for administrators to understand and take appropriate actions. To deal with false positive, in this paper, an attack-feedback-based approach is introduced to verify the success of attacks. This method processes each packet as soon as it is received. When a suspect packet is indicative of an attack on an existing network service, the effects of that packet on the host will be further tracked by following the causal dependencies. The experimental results have shown that the proposed technique is highly effective in reducing the alert volume and verifying the success of intrusion attempts
  • Keywords
    security of data; attack-feedback-based approach; intrusion attempt verification; intrusion detection systems; network service; Application software; Computer displays; Computer networks; Design methodology; Frequency; Information security; Intrusion detection; Linux; Web server; Writing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computational Intelligence and Security, 2006 International Conference on
  • Conference_Location
    Guangzhou
  • Print_ISBN
    1-4244-0605-6
  • Electronic_ISBN
    1-4244-0605-6
  • Type

    conf

  • DOI
    10.1109/ICCIAS.2006.294212
  • Filename
    4072165