Incorporating Data Mining Tools into a New Hybrid-IDS to Detect Known and Unknown Attacks

Modern network attacks range from fully automated to multilayer attacks. An intelligent attacker exploits vulnerabilities in a system to carry out anything from denial-of-service (DoS) attacks to system takeover. This paper addresses the development of an architecture that uses fault tolerance and honeypot technology to provide layered protection and avoid a single point of failure.
