Agent-Based Real Time Intrusion Detection System Against Malformed Packet Attacks
暂无分享,去创建一个
The current paper proposes a network-based Intrusion Detection System (IDS) that can efficiently detect attacks based on malformed packets that continues to increase, along with more intelligent and skillful hacking techniques. Our system firstly extracts the important features from network packets and analyzes simple attacks and detects IP fragmentation attacks. Thereafter, it collects information from the SA and the FA and other strange information related to the malformed packet. Finally, it judges whether or not an intrusion has occurred on the basis of information gathered from target systems by CAs. The simulation result shows 0% false-positive and 0% false-negative, 100% detection ratio, thereby confirming the accuracy of the proposed IDS in detecting fragmentation attacks.
[1] Behrouz A. Forouzan. TCP/IP Protocol Suite , 1999 .
[2] Shawn Ostermann,et al. Detecting network intrusions via a statistical analysis of network packet characteristics , 2001, Proceedings of the 33rd Southeastern Symposium on System Theory (Cat. No.01EX460).
[3] Lucas M. Venter,et al. A comparison of Intrusion Detection systems , 2001, Comput. Secur..
[4] Paul E. Proctor,et al. Practical Intrusion Detection Handbook , 2000 .