formularioHidden
formularioRDF
Login

Erregistratu

Edo nahiago baduzu...

 

Panel Informazioa

Utilizamos cookies propias y de terceros para mejorar tu experiencia de navegación. Al continuar con la navegación entendemos que aceptas nuestra política de cookies.

Integrating Network Misuse and Anomaly Prevention

Inproceeding

In

INDIN (), 2008 (), p. 586-591 , -.
Daejeon
,
Korea
, 2008

Abstract

Network Intrusion Detection Systems (NIDS) aim at preventing network attacks and unauthorised remote use of computers. More accurately, depending on the kind of attack it targets, NIDS can be oriented to detect misuses (by defining all possible attacks) or anomalies (by modelling legitimate behaviour to find those that do not fit into that model). Still, since their problem knowledge is restricted to possible attacks, misuse detection fails to notice anomalies and vice versa. Against this background, this paper proposes a third alternative that hybrids misuse and anomaly prevention. In this way, ESIDE-Depian uses a Bayesian Network to learn from both anomaly and misuse knowledge in order to be able to detect either kind of attacks, known and unknown. Finally, we evaluate ESIDE-Depian against all kind of menaces to prove in which degree it has been achieved to integrate both approaches.

Baliabide honi buruz...

Bisitak 96

Kategoriak: