Time Based Intrusion Detection on Fast Attack for Network Intrusion Detection System
In recent years network attack are easily launch since the tools to execute the attack are freely available on the Internet. Even the script kiddies can initiate a sophisticated attack with just a basic knowledge on network and software technology. To overcome this matter, Intrusion Detection S...
| Main Authors: | , , , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2010
|
| Subjects: | |
| Online Access: | http://eprints.utem.edu.my/id/eprint/193/ http://eprints.utem.edu.my/id/eprint/193/1/4177a148-time_based_ids_on_fast_attack_NIDS.pdf |
| Summary: | In recent years network attack are easily
launch since the tools to execute the attack are freely
available on the Internet. Even the script kiddies can
initiate a sophisticated attack with just a basic
knowledge on network and software technology. To
overcome this matter, Intrusion Detection System (IDS)
has been used as a vital instrument in defending the
network from this malicious activity. With the ability to
analyze network traffic and recognize incoming and ongoing
network attack, majority of network
administrator has turn to IDS to help them in detecting
anomalies in network traffic. The gathering of
information and analysis on the anomalies activity can
be classified into fast and slow attack. Since fast attack
activity make a connection in few second and uses a
large amount of packet, detecting this early connection
provide the administrator one step ahead in deflecting
further damages towards the network infrastructure.
This paper describes IDS that detects fast attack
intrusion using time based detection method. The time
based detection method calculates the statistic of the
frequency event which occurs between one second time
intervals for each connection made to a host thus
providing the crucial information in detecting fast
attack. |
|---|