Autor: |
Shi, Zhong-Zhi, Sadananda, Ramakoti, Kang, Dong-Ho, Kim, Byoung-Koo, Oh, Jin-Tae, Nam, Taek-Yong, Jang, Jong-Soo |
Zdroj: |
Agent Computing & Multi-Agent Systems; 2006, p801-806, 6p |
Abstrakt: |
Network intrusion detection systems often rely on matching patterns that are gleaned from known attacks. While this method is reliable and rarely produces false alarms, it has the obvious disadvantage that it cannot detect novel attacks. Accordingly, an alternative approach which can be a combination with pattern matching approach is needed. We have made effort to design and implement high speed protocol anomaly and signature based intrusion detection approach to detect known and unknown attacks. This approach extracts a set of service fields from the application payload where many attacks occur and analyzes the value of fields to verify attack. This approach is implemented on the FPGA (Xilinx Virtex II pro) device to process packet at gigabit-per-second data rates. Keywords: Network Security, Intrusion Detection, Protocol Anomaly Detection. [ABSTRACT FROM AUTHOR] |
Databáze: |
Complementary Index |
Externí odkaz: |
|