Variable-length signatures for intrusion detection

Title: Variable-length signatures for intrusion detection
Author: Li, Zhuowei; Das, Amitabha; Zhou, Jianying; Patra, Jagdish Chandra
Copyright year: 2008
Abstract: Intrusion detection has become a basic infrastructure to guarantee the security of most internetworking applications. With more internetworking applications on the Internet nowadays, an enormous volume of audit trails is produced for analysis within intrusion detection. For this reason, it is critical to reduce the detection computation of intrusion detection to meet the real-time detection requirement. In this paper, using a formal intrusion detection framework, we propose a new concept of variable-length signature, along with feature selection, to compress the behavior models of our intrusion detection system, USAID [7], that achieves promising detection performance. Intuitively, compact behavior models will make the detection process computationally much cheaper. Our experimental results show that the proposed technique will degrade the detection rate of unknown intrusions, and fortunately, that it achieves a high detection rate for known intrusions with a significantly reduced false alarm rate. As a result, compared to USAID, the size of the behavior model is decreased by 99.52%, and the detection computation is cut down by 81.15% at least.
Subject: DRNTU::Engineering::Computer science and engineering::Computer systems organization::Computer-communication networks
Type: Journal Article
Series/Journal Title: Computer systems science and engineering
School: School of Computer Engineering
Rights: © 2008 CRL Publishing. This is the author created version of a work that has been peer reviewed and accepted for publication by International Journal of Computer Systems Science & Engineering, CRL Publishing. It incorporates referee’s comments but changes resulting from the publishing process, such as copyediting, structural formatting, may not be reflected in this document. The published version is available at: [Article URL: http://arnetminer.org/publication/variable-length-signatures-for-intrusion-detection-3465859.html].
Version: Accepted Version

Files in this item: Variable-length ... or intrusion detection.pdf (305.6Kb, PDF)
