Threshold verification using Statistical Approach for Fast Attack Detection
Network has grows to a mammoth size and becoming more complex, thus exposing the services it offers towards multiple types of intrusion vulnerabilities. One method to overcome intrusion is by introducing Intrusion Detection System (IDS) for detecting the threat before it can damage the network resou...
| Main Authors: | , , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2009
|
| Subjects: | |
| Online Access: | http://eprints.utem.edu.my/id/eprint/188/ http://eprints.utem.edu.my/id/eprint/188/1/ICOCI09.doc |
| _version_ | 1848886900472938496 |
|---|---|
| author | Abdollah, M. F. Mas'ud, M. Z. Sahib, S. Yusof, R. Selamat, S. R. |
| author_facet | Abdollah, M. F. Mas'ud, M. Z. Sahib, S. Yusof, R. Selamat, S. R. |
| author_sort | Abdollah, M. F. |
| building | UTeM Institutional Repository |
| collection | Online Access |
| description | Network has grows to a mammoth size and becoming more complex, thus exposing the services it offers towards multiple types of intrusion vulnerabilities. One method to overcome intrusion is by introducing Intrusion Detection System (IDS) for detecting the threat before it can damage the network resources. IDS have the ability to analyze network traffic and recognize incoming and on-going network attack. In detecting intrusion attack, Information gathering on such activity can be classified into fast attack and slow attack. Yet, majority of the current intrusion detection systems do not have the ability to differentiate between these two types of attacks. Early detection of fast attack is very useful in a real time environment; in which it can help the targeted network from further intrusion that could let the intruder to gain access to the vulnerable machine. To address this challenge, this paper introduces a fast attack detection framework that set a threshold value to differentiate between the normal network traffic and abnormal network traffic on the victim perspective. The threshold value is abstract with the help of suitable set of feature used to detect the anomaly in the network. By introducing the threshold value, anomaly based detection can build a complete profile to detect any intrusion threat as well as at the same time reducing it false alarm alert. |
| first_indexed | 2025-11-15T19:45:50Z |
| format | Conference or Workshop Item |
| id | utem-188 |
| institution | Universiti Teknikal Malaysia Melaka |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T19:45:50Z |
| publishDate | 2009 |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | utem-1882015-05-28T02:17:11Z http://eprints.utem.edu.my/id/eprint/188/ Threshold verification using Statistical Approach for Fast Attack Detection Abdollah, M. F. Mas'ud, M. Z. Sahib, S. Yusof, R. Selamat, S. R. Q Science (General) Network has grows to a mammoth size and becoming more complex, thus exposing the services it offers towards multiple types of intrusion vulnerabilities. One method to overcome intrusion is by introducing Intrusion Detection System (IDS) for detecting the threat before it can damage the network resources. IDS have the ability to analyze network traffic and recognize incoming and on-going network attack. In detecting intrusion attack, Information gathering on such activity can be classified into fast attack and slow attack. Yet, majority of the current intrusion detection systems do not have the ability to differentiate between these two types of attacks. Early detection of fast attack is very useful in a real time environment; in which it can help the targeted network from further intrusion that could let the intruder to gain access to the vulnerable machine. To address this challenge, this paper introduces a fast attack detection framework that set a threshold value to differentiate between the normal network traffic and abnormal network traffic on the victim perspective. The threshold value is abstract with the help of suitable set of feature used to detect the anomaly in the network. By introducing the threshold value, anomaly based detection can build a complete profile to detect any intrusion threat as well as at the same time reducing it false alarm alert. 2009-06 Conference or Workshop Item PeerReviewed application/msword en http://eprints.utem.edu.my/id/eprint/188/1/ICOCI09.doc Abdollah, M. F. and Mas'ud, M. Z. and Sahib, S. and Yusof, R. and Selamat, S. R. (2009) Threshold verification using Statistical Approach for Fast Attack Detection. In: International Conference on Computing and Informatics (ICOCI) 2009, 24-25 June 2009, Kuala Lumpur, Malaysia. |
| spellingShingle | Q Science (General) Abdollah, M. F. Mas'ud, M. Z. Sahib, S. Yusof, R. Selamat, S. R. Threshold verification using Statistical Approach for Fast Attack Detection |
| title | Threshold verification using Statistical Approach for Fast Attack Detection |
| title_full | Threshold verification using Statistical Approach for Fast Attack Detection |
| title_fullStr | Threshold verification using Statistical Approach for Fast Attack Detection |
| title_full_unstemmed | Threshold verification using Statistical Approach for Fast Attack Detection |
| title_short | Threshold verification using Statistical Approach for Fast Attack Detection |
| title_sort | threshold verification using statistical approach for fast attack detection |
| topic | Q Science (General) |
| url | http://eprints.utem.edu.my/id/eprint/188/ http://eprints.utem.edu.my/id/eprint/188/1/ICOCI09.doc |