Research of intrusion detection system based on vulnerability scanner
作者: Guangming Yang , Dongming Chen , Jian Xu , Zhiliang Zhu
DOI: 10.1109/ICACC.2010.5486762
关键词:
摘要: Feature matching is an important way of network intrusion detection system. With the increasing attack types, rule database becomes more and larger course also increasingly complex, which makes IDS easily to lose packets. For problem above, two kinds signature customization methods based on open ports CVE number are designed in this paper. These integrate vulnerability scanner, help misuse NIDS select appropriate for protected host eliminate unnecessary through not modifying too much programs setting values NIDS. Some experiments have been done testing integrated The results show that can reduce rules, useless alerts improve efficiency after signature.
sci-hub.se 参考文章(6)
Hervé Debar, Marc Dacier, Andreas Wespi, Towards a taxonomy of intrusion-detection systems Computer Networks. ,vol. 31, pp. 805- 822 ,(1999) , 10.1016/S1389-1286(98)00017-6
Lih-Chyau Wuu, Chi-Hsiang Hung, Sout-Fong Chen, Building intrusion pattern miner for Snort network intrusion detection system Journal of Systems and Software. ,vol. 80, pp. 1699- 1715 ,(2007) , 10.1016/J.JSS.2006.12.546
V. Nikulin, Threshold-based clustering with merging and regularization in application to network intrusion detection Computational Statistics & Data Analysis. ,vol. 51, pp. 1184- 1196 ,(2006) , 10.1016/J.CSDA.2005.11.015
Wu Yang, Bin-Xing Fang, Bo Liu, Hong-Li Zhang, Intrusion detection system for high-speed network Computer Communications. ,vol. 27, pp. 1288- 1294 ,(2004) , 10.1016/J.COMCOM.2004.03.001
Pete Davies, Theodore Tryfonas, A lightweight web-based vulnerability scanner for small-scale computer network security assessment Journal of Network and Computer Applications. ,vol. 32, pp. 78- 95 ,(2009) , 10.1016/J.JNCA.2008.04.007
Christopher Kruegel, Giovanni Vigna, Anomaly detection of web-based attacks computer and communications security. pp. 251- 261 ,(2003) , 10.1145/948109.948144