2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing (DASC'06)
Intelligent Autonomic Strategy to Attacks in Network Infrastructure Protection: Feedback Methods to IDS, Using Policies, Alert Filters and Firewall Packet Filters for Multiple Protocols
Indiana University-Purdue University, Indianapolis, USA
September 29-October 01
ISBN: 0-7695-2539-3
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/DASC.2006.32
The Intrusion Detection Systems (IDSs) currently in use are designed to monitor potential attacks in networks by triggering alerts. However, these alerts include high volumes of false positives, triggered by suspicious but normal, benign connections. In this paper we discuss false positives and their impact on intrusion detection and response. We then propose a novel approach for efficient, intelligent detection and response using "network quarantine channels" (NQCs). NQCs are defined as subnet zones that respond to packets as they are diverted to their hosts for analysis before being permitted into the internal network. The innovative approach includes feedback mechanisms involving adaptive rules, alert filters and policies of the IDS network sensors for various protocols. The effect is the enhancement of the capability of the IDS to detect threats and benign attacks.
Citation:
Emmanuel Hooper, "Intelligent Autonomic Strategy to Attacks in Network Infrastructure Protection: Feedback Methods to IDS, Using Policies, Alert Filters and Firewall Packet Filters for Multiple Protocols," dasc, pp.235-244, 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing (DASC'06), 2006
