LOGIN TO YOUR ACCOUNT

Username
Password
Remember Me
Or use your Academic/Social account:

CREATE AN ACCOUNT

Or use your Academic/Social account:

Congratulations!

You have just completed your registration at OpenAire.

Before you can login to the site, you will need to activate your account. An e-mail will be sent to you with the proper instructions.

Important!

Please note that this site is currently undergoing Beta testing.
Any new content you create is not guaranteed to be present to the final version of the site upon release.

Thank you for your patience,
OpenAire Dev Team.

Close This Message

CREATE AN ACCOUNT

Name:
Username:
Password:
Verify Password:
E-mail:
Verify E-mail:
*All Fields Are Required.
Please Verify You Are Human:
fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Tedesco, Gianni; Aickelin, Uwe (2008)
Languages: English
Types: Unknown
Subjects: Computer Science - Neural and Evolutionary Computing, Computer Science - Cryptography and Security
Network intrusion detection systems are themselves becoming targets of attackers. Alert flood attacks may be used to conceal malicious activity by hiding it among a deluge of false alerts sent by the attacker. Although these types of attacks are very hard to stop completely, our aim is to present techniques that improve alert throughput and capacity to such an extent that the resources required to successfully mount the attack become prohibitive. The key idea presented is to combine a token bucket filter with a realtime correlation algorithm. The proposed algorithm throttles alert output from the IDS when an attack is detected. The attack graph used in the correlation algorithm is used to make sure that alerts crucial to forming strategies are not discarded by throttling.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • [1] ZDNet UK News. 
    • curity/0,39020375,2085099,00.htm
    • [2]   G.   Coretex.   “Fun   With   Packets:   Designing   a 
    • Stick.” Endeavor Systems Inc., 2002.
    • [3] T.  H.  Ptacek  and  N.  N. Newsham.    "Insertion, 
    • Intrusion Detection.” Secure Networks Inc., 1998. [4]   Xinzhou   Qin.   Wenke   Lee.   “Attack   Plan 
    • Security Applications Conference, 2004. [5]   Peng   Ning.   Yen   Cui,   and   Douglas   S   Reeves. 
    • of   Intrusion   Alerts.”  Proceedings   of   the   9th   ACM  
    • Security. 2002. pp.  245­254.
    • [6] Peng Ning, Dingbang X, Christopher G. Healey, 
    • Methods.” Proceedings of the 11th Annual Network  
    • and Distributed System Security Symposium,  2004, 
    • pp. 97­111.
    • [7] Oleg Sheyner, Joshua Haines and Somesh Jha. 
    • Security and Privac,. 2002. pp. 273.
    • [8]   "The   Science   of   Intrusion   Detection   System 
    • Attack   Identification."  Cisco   Systems.2002,  
    • [9] Sniph. “snot “. 2001.
    • [10] Marty Roesch. "Snort ­ Lightweight Intrusion 
    • Detection   for   Networks".  USENIX   13th  Systems  
    • Administration Conference, 1999.
    • [11]   G.   Woodruff,   R.   Rogers   and   P.   Richards.   "A 
    • [12] R. Wade, M. Kara and P.M. Dew. "Study of a 
    • [13] J. Turner. "New directions in communications 
    • Communications Magazine,Vol.24, No.10, pp. 8­15. [14]   Lingyu   Wang,     Anyi   Liu   and   Sushil   Jajoda. 
    • Security, 2005. pp. 247­266. [15]   Sushil   Jajodia,  Steve   Noel   and     Brian   O'Berry. 
    • Challenges, 2005. Springer. pp. 248­266. [16]   Martin   Devera.   "Hierarchical   token   bucket 
    • theory." 2002.
    • [17] Gianni Tedesco. 2005. Firestorm IDS.
    • [18]   Leres   Van   Jacobson,   Craig   McCanne   and 
    • [19] Shmoo Group. “CCTF Defcon Data”. 2001.
  • No related research data.
  • No similar publications.

Share - Bookmark

Cite this article