Article title

Snort IDS Hybrid ADS Preprocessor

Publication languages
EN
Abstracts
EN
The paper presents a hybrid anomaly detection preprocessor for the SNORT IDS (Intrusion Detection System) [1], based on a statistical test and DWT (Discrete Wavelet Transform) coefficient analysis. The preprocessor increases the functionality of the SNORT IDS system and has complementary properties. The possibility of detecting network anomalies is increased by using two different algorithms. SNORT captures network traffic features, which the ADS (Anomaly Detection System) preprocessor uses to detect anomalies. The Chi-square statistical test and DWT subband coefficient energy values are used to calculate normal network traffic profiles. We evaluated the proposed SNORT extension using a test network.
Authors
  • Institute of Telecommunications, University of Technology & Life Sciences in Bydgoszcz ul. Kaliskiego 7, 85-789 Bydgoszcz, Poland
author
  • Institute of Telecommunications, University of Technology & Life Sciences in Bydgoszcz ul. Kaliskiego 7, 85-789 Bydgoszcz, Poland
Bibliography
  • [1] SNORT IDS http://www.snort.org/
  • [2] N. Ye, Q. Chen, S.M. Emran, "Chi-squared statistical profiling for anomaly detection," In Proc. IEEE SMC Inform. Assurance Security Workshop, West Point, pp. 182-188, 2000
  • [3] A. Scherrer, N. Larrieu, P. Owezarski, P. Borgant, P. Abry, Non-Gaussian and Long Memory Statistical Characterizations for Internet Traffic with Anomalies, IEEE Trans. On Dependable and Secure Computing, Vol. 4, No. 1, 2007
  • [4] M. Choraś, Ł. Saganowski, R. Renk, W. Hołubowicz, Statistical and signal-based network traffic recognition for anomaly detection, In: Expert Systems, Vol. 29, No. 3, pp. 232-245, July 2012
  • [5] N. Ye, X. Li, Q. Chen, S. Masum Emran, M. Xu, Probabilistic techniques for intrusion detection based on computer audit data, IEEE Trans. On Systems, Man and Cybernetics-Part A: Systems and Humans, Vol. 31, No. 4, 2001
  • [6] A. Dainotti, A. Pescape, G. Ventre, Wavelet-based Detection of DoS Attacks, IEEE GLOBECOM - Nov 2006, San Francisco (CA, USA), 2006
  • [7] L. Wei, A. Ghorbani, Network Anomaly Detection Based on Wavelet Analysis, In EURASIP Journal on Advances in Signal Processing, Vol. 2009, Art. ID 837601, 16 pages, doi:10.1155/2009/837601, 2009
  • [8] A. Grossman, J. Morlet, Decompositions of Functions into Wavelets of Constant Shape, and Related Transforms, Mathematics and Physics: Lectures on Recent Results, L. Streit, 1985
  • [9] W. Sweldens, The Lifting Scheme: A Custom-Design Construction of Biorthogonal Wavelets, Applied and Computational Harmonic Analysis, Vol. 3, No. 15, pp. 186-200, 1996
  • [10] A. Lakhina, M. Crovella, CH. Diot, Characterization of network-wide anomalies in traffic flows, In Proceedings of the 4th ACM SIGCOMM conference on Internet measurement, pp. 201-206, 2004
  • [11] BackTrack Linux http://www.backtrack-linux.org/
  • [12] Metasploit Framework http://www.metasploit.com
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-a2a520ea-7cee-4309-9453-6c4d86dedea4