Referenced Items are not available for this document.
Since most of current intrusion detection systems (IDS) only use one of the two detection methods, misused detection or anomaly detection, both of them have their own limitations. In this paper, the technique that combines misuse detection system with anomaly detection system (ADS) is used. The hybrid intrusion detection system (HIDS) contains three sub-modules, misused detection module, anomaly detection module and signature generation module. The basis of misused detection module is snort. Anomaly detection module is constructed by using frequent episode rule. And signature generation module is based on a variant of a priori algorithm. Misused detection module uses the signature of attacks to detection the known attacks. Anomaly detection module can detect the unknown attacks and signature generation module extracts the signature of attacks that are detected by ADS module, and maps the signatures into snort rules.
Published in:
Machine Learning and Cybernetics, 2009 International Conference on
(Volume:3
)
Date of Conference: 12-15 July 2009
- Page(s):
- 1414 - 1418
- E-ISBN :
- 978-1-4244-3703-0
- Print ISBN:
- 978-1-4244-3702-3
- INSPEC Accession Number:
- 10845687
- Conference Location :
- Baoding
- Digital Object Identifier :
- 10.1109/ICMLC.2009.5212282
- Product Type:
- Conference Publications
About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies
A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.
