NESG

Icono Icono

Icono Icono

Network-based Hybrid Intrusion Detection and Honeysystems as Active Reaction Schemes

Pedro García-Teodoro; Jesús Esteban Díaz Verdejo; Gabriel Maciá-Fernández; Leovigildo Sánchez Casado
Abstract:
This paper presents some proposals and contributions in network-based intrusion-related technologies. Two key points are discussed in this line: anomaly-based intrusion detection, and active response mechanisms. The first issue is mainly focused on the consideration of a stochastic approach to model the normal behavior of the network system to be monitored and protected. This anomaly-based detection methodology is combined with a signature-based one, thus resulting in a hybrid detection system, in order to improve the overall detection throughput. On the other hand, a honeysystem-based approach is also introduced to deal with the development of a pro-active response mechanism in the context of intrusion detection technologies. Both of the aspects, detection and reaction, will be studied as functional modules of an integral intrusion platform developed from a current available IDS tool.
Research areas:
Year:
2007
Type of Publication:
Article
Journal:
International Journal of Computer Science and Network Security, IJCSNS
Volume:
7
Number:
10
Pages:
62-70
ISSN:
1738-7906
Hits: 1551