Protocol Analysis in Intrusion Detection Using Decision Tree
Identifieur interne : 003F10 ( Crin/Curation ); précédent : 003F09; suivant : 003F11Protocol Analysis in Intrusion Detection Using Decision Tree
Auteurs : Tarek Abbes ; Adel Bouhoula ; Michael RusinowitchSource :
English descriptors
- KwdEn :
Abstract
Network based intrusion detection are the most deployed IDS. They frequently rely on signature matching detection method and focus on the security of low level network protocols. Because of the large number of false positives from one side, and the incapacity to detect some attack types from another side, IDS must allow more interest to the monitoring of application level protocols. We propose in this paper a combination of pattern matching and protocol analysis approaches. While the first method of detection relies on a multipattern matching strategy, the second one benefits from an efficient decision tree adaptative to the network traffic characteristics.
Links toward previous steps (curation, corpus...)
- to stream Crin, to step Corpus: Pour aller vers cette notice dans l'étape Curation :003F10
Links to Exploration step
CRIN:abbes04bLe document en format XML
<record><TEI><teiHeader><fileDesc><titleStmt><title xml:lang="en" wicri:score="465">Protocol Analysis in Intrusion Detection Using Decision Tree</title>
</titleStmt>
<publicationStmt><idno type="RBID">CRIN:abbes04b</idno>
<date when="2004" year="2004">2004</date>
<idno type="wicri:Area/Crin/Corpus">003F10</idno>
<idno type="wicri:Area/Crin/Curation">003F10</idno>
<idno type="wicri:explorRef" wicri:stream="Crin" wicri:step="Curation">003F10</idno>
</publicationStmt>
<sourceDesc><biblStruct><analytic><title xml:lang="en">Protocol Analysis in Intrusion Detection Using Decision Tree</title>
<author><name sortKey="Abbes, Tarek" sort="Abbes, Tarek" uniqKey="Abbes T" first="Tarek" last="Abbes">Tarek Abbes</name>
</author>
<author><name sortKey="Bouhoula, Adel" sort="Bouhoula, Adel" uniqKey="Bouhoula A" first="Adel" last="Bouhoula">Adel Bouhoula</name>
</author>
<author><name sortKey="Rusinowitch, Michael" sort="Rusinowitch, Michael" uniqKey="Rusinowitch M" first="Michael" last="Rusinowitch">Michael Rusinowitch</name>
</author>
</analytic>
</biblStruct>
</sourceDesc>
</fileDesc>
<profileDesc><textClass><keywords scheme="KwdEn" xml:lang="en"><term>intrusion detection</term>
<term>protocal analysis</term>
</keywords>
</textClass>
</profileDesc>
</teiHeader>
<front><div type="abstract" xml:lang="en" wicri:score="2338">Network based intrusion detection are the most deployed IDS. They frequently rely on signature matching detection method and focus on the security of low level network protocols. Because of the large number of false positives from one side, and the incapacity to detect some attack types from another side, IDS must allow more interest to the monitoring of application level protocols. We propose in this paper a combination of pattern matching and protocol analysis approaches. While the first method of detection relies on a multipattern matching strategy, the second one benefits from an efficient decision tree adaptative to the network traffic characteristics.</div>
</front>
</TEI>
<BibTex type="inproceedings"><ref>abbes04b</ref>
<crinnumber>A04-R-223</crinnumber>
<category>3</category>
<equipe>CASSIS</equipe>
<author><e>Abbes, Tarek</e>
<e>Bouhoula, Adel</e>
<e>Rusinowitch, Michael</e>
</author>
<title>Protocol Analysis in Intrusion Detection Using Decision Tree</title>
<booktitle>{International Conference on Information Technology : Coding and Computing - ITCC'04, Las Vegas, Nevada, USA}</booktitle>
<year>2004</year>
<volume>1</volume>
<pages>404--408</pages>
<month>Apr</month>
<keywords><e>protocal analysis</e>
<e>intrusion detection</e>
</keywords>
<abstract>Network based intrusion detection are the most deployed IDS. They frequently rely on signature matching detection method and focus on the security of low level network protocols. Because of the large number of false positives from one side, and the incapacity to detect some attack types from another side, IDS must allow more interest to the monitoring of application level protocols. We propose in this paper a combination of pattern matching and protocol analysis approaches. While the first method of detection relies on a multipattern matching strategy, the second one benefits from an efficient decision tree adaptative to the network traffic characteristics.</abstract>
</BibTex>
</record>
Pour manipuler ce document sous Unix (Dilib)
EXPLOR_STEP=$WICRI_ROOT/Wicri/Lorraine/explor/InforLorV4/Data/Crin/Curation
HfdSelect -h $EXPLOR_STEP/biblio.hfd -nk 003F10 | SxmlIndent | more
Ou
HfdSelect -h $EXPLOR_AREA/Data/Crin/Curation/biblio.hfd -nk 003F10 | SxmlIndent | more
Pour mettre un lien sur cette page dans le réseau Wicri
{{Explor lien |wiki= Wicri/Lorraine |area= InforLorV4 |flux= Crin |étape= Curation |type= RBID |clé= CRIN:abbes04b |texte= Protocol Analysis in Intrusion Detection Using Decision Tree }}
![]() | This area was generated with Dilib version V0.6.33. | ![]() |