Analysis and evaluation of network intrusion detection methods to uncover data theft

Author: Julien Corsini

Abstract: Nowadays, the majority of corporations mainly use signature-based intrusion detection. This trend is partly due to fact that signature detection a well-known technology, as opposed anomaly which one hot topics in network security research. A second reason for this may be detectors are known generate many alerts, being false alarms. Corporations need concrete comparisons between different tools order choose best suited their needs. thesis aims at comparing an detector with establish detect data theft threat. The aim influence training period length Intrusion Detection System (IDS) on its rate. presents Network-based (NIDS) evaluation testbed setup. It shows setup two IDSes, Snort and Statistical Packet Anomaly Engine (SPADE). also includes scenario (reconnaissance, brute force attack server theft). results from experiments carried out proved inconclusive, SPADE requires configuration adapted monitored. Despite experimental could act documentation setting up NIDS testbed. considered SPADE. statement made observation there no centralised about SPADE, not single research paper documents
