PGNIDS (Pattern-Graph Based Network Intrusion Detection System) Design

PGNIDS (Pattern-Graph based Network Intrusion Detection System) generates audit data for estimating intrusions from packets collected from the network. An existing IDS (Intrusion Detection System), which estimates an intrusion by reading all the incoming packets on the network, takes more time than the proposed PGNIDS does. The proposed PGNIDS not only classifies the audit data into alerts and logs through the ADGM (Audit Data Generation Module) and stores them in the database, but also estimates intrusions by using a pattern graph that classifies IDPM (Intrusion Detection Pattern Module) and event type. Therefore, it takes less time to collect and analyze packets than the existing IDS, and it reacts to abnormal intrusions in real time. In addition, by generating the pattern graph, it can detect devious intrusions.