Architecture and performance evaluation of a hybrid intrusion detection system for IP telephony

Authors: Bazara I. A. Barry, H. A. Chan

DOI: 10.1002/SEC.174

Keywords: Intrusion detection system, Computer network, Host (network), Network layer, Computer science, Internet Protocol, Application layer, Voice over IP, Host-based intrusion detection system, Telephone network

Abstract: Convergence in networks and applications enables carrying voice, video, other data on the same IP-based infrastructure, provides various services related to these kinds of a unified way. Such scheme benefits businesses substantially considering lesser cost building managing single network infrastructure instead two separate ones. However, poses serious threats security solutions general, intrusion detection systems (IDSs) particular. Inherited flaws vulnerabilities TCP/IP protocols at lower layers make voice susceptible risks it has never been subjected before public switched telephone (PSTNs). Signaling delivery application layer have their weaknesses too which breaching confidentiality integrity relatively easy. In this paper, we present design implementation hybrid, host-based system that is suitable for converged environments. Our unique terms providing an efficient combination specification-based signature-based techniques. Specification-based modules provide solid awareness semantics as well syntax involved. solution goes beyond addressing issues address transport The feasibility our proven through excellent accuracy reasonable performance evaluation figures get from experiment. Copyright © 2010 John Wiley & Sons, Ltd.

References (24)
Ivan Balepin, Sergei Maltsev, Jeff Rowe, Karl Levitt. Using specification-based intrusion detection for automated response. Recent Advances in Intrusion Detection, pp. 136-154 (2003). DOI: 10.1007/978-3-540-45248-5_8
Jean-Marie Orset, Baptiste Alcalde, Ana Cavalli. An EFSM-based intrusion detection system for ad hoc networks. Automated Technology for Verification and Analysis, pp. 400-413 (2005). DOI: 10.1007/11562948_30
R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang, S. Zhou. Specification-based anomaly detection. Proceedings of the 9th ACM Conference on Computer and Communications Security - CCS '02, pp. 265-274 (2002). DOI: 10.1145/586110.586146
Aurobindo Sundaram. An introduction to intrusion detection. ACM Crossroads Student Magazine, vol. 2, pp. 3-7 (1996). DOI: 10.1145/332159.332161
Richard Lippmann, Joshua W Haines, David J Fried, Jonathan Korba, Kumar Das. The 1999 DARPA off-line intrusion detection evaluation. Recent Advances in Intrusion Detection, vol. 34, pp. 579-595 (2000). DOI: 10.1016/S1389-1286(00)00139-0
D. Lee, M. Yannakakis. Principles and methods of testing finite state machines - a survey. Proceedings of the IEEE, vol. 84, pp. 1090-1123 (1996). DOI: 10.1109/5.533956
Robin Sommer, Vern Paxson. Enhancing byte-level network intrusion detection signatures with context. Computer and Communications Security, pp. 262-271 (2003). DOI: 10.1145/948109.948145
Yongguang Zhang, Wenke Lee. Intrusion detection in wireless ad-hoc networks. ACM/IEEE International Conference on Mobile Computing and Networking, pp. 275-283 (2000). DOI: 10.1145/345910.345958
Robert Durst, Terrence Champion, Brian Witten, Eric Miller, Luigi Spagnuolo. Testing and evaluating computer intrusion detection systems. Communications of the ACM, vol. 42, pp. 53-61 (1999). DOI: 10.1145/306549.306571
K. Ilgun, R.A. Kemmerer, P.A. Porras. State transition analysis: a rule-based intrusion detection approach. IEEE Transactions on Software Engineering, vol. 21, pp. 181-199 (1995). DOI: 10.1109/32.372146