
Behavior-based network security goes mainstream

1 Author(s)

Traditional network-based security examines traffic for code patterns or signatures that have been part of past intrusions or virus attacks. If known malicious code is found, security systems stop the suspect transmission. Although this approach can be effective, it also has limitations. For example, signature-based security frequently has trouble recognizing new types of attacks or older kinds in which known code strings have been altered somewhat, an approach many hackers use. Behavior-based security, on the other hand, learns the normal behavior of traffic and systems and then continually examines them for potentially harmful anomalies and for behavior that frequently accompanies incidents. This approach recognizes attacks based on what they do, rather than whether their code matches strings used in a specific past incident. Several vendors are thus beginning to make behavior-based security widely available to organizations via services, appliances, and software products. And some ISPs are protecting their entire networks via behavior-based services. However, widespread adoption of behavior-based security faces numerous obstacles, including complexity and a higher number of false positives than signature-based systems.

Published in:

Computer (Volume: 39, Issue: 3)