TCP/IP Model and Intrusion Detection Systems

	This Article
	Subscribers, please Login Purchase article: $19 PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Safaa Zaman Articles by Fakhri Karray

2009 International Conference on Advanced Information Networking and Applications Workshops

Bradford, United Kingdom

May 26-May 29

ISBN: 978-0-7695-3639-2

	ASCII Text	x
	Safaa Zaman, Fakhri Karray, "TCP/IP Model and Intrusion Detection Systems," Advanced Information Networking and Applications Workshops, International Conference on, pp. 90-96, 2009 International Conference on Advanced Information Networking and Applications Workshops, 2009.

	BibTex	x
	@article{ 10.1109/WAINA.2009.12, author = {Safaa Zaman and Fakhri Karray}, title = {TCP/IP Model and Intrusion Detection Systems}, journal ={Advanced Information Networking and Applications Workshops, International Conference on}, volume = {0}, year = {2009}, isbn = {978-0-7695-3639-2}, pages = {90-96}, doi = {http://doi.ieeecomputersociety.org/10.1109/WAINA.2009.12}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Advanced Information Networking and Applications Workshops, International Conference on TI - TCP/IP Model and Intrusion Detection Systems SN - 978-0-7695-3639-2 SP90 EP96 A1 - Safaa Zaman, A1 - Fakhri Karray, PY - 2009 KW - Intrusion detection systems KW - TCP/IP network model KW - features selection KW - features ranking KW - support vector machines KW - support vector decision function VL - 0 JA - Advanced Information Networking and Applications Workshops, International Conference on ER -

Safaa Zaman

Fakhri Karray

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/WAINA.2009.12

To accommodate the information security growth and hacker's improved strategies and tools, Intrusion Detection Systems (IDSs) are required to be allocated across the network. Furthermore, previous studies showed that the choice of network features used for the IDS is dependent on the type of the attack. Accordingly, each TCP/IP network layer has specific type of network attacks, which means that each TCP/IP network layer needs a specific type of IDS. This paper proposes a new categorization for IDS depending on the TCP/IP network model: Application layer IDS (AIDS), Transport layer IDS (TIDS), Network layer IDS (NIDS) and Link layer IDS (LIDS). Each of these IDS types is specialized to a specific network device. So, the detection process will be distributed among all TCP/IP network model layers through the network devices. To design each of these different types of IDS, several experiments have been conducted using two different features selection approaches to select the appropriate features set for each IDS type. The experimental results indicate that each IDS type has different features set that can not only improve the overall performance of the IDS, but it also can improve its scalability.

Index Terms:

Intrusion detection systems, TCP/IP network model, features selection, features ranking, support vector machines, support vector decision function

Citation:

Safaa Zaman, Fakhri Karray, "TCP/IP Model and Intrusion Detection Systems," waina, pp.90-96, 2009 International Conference on Advanced Information Networking and Applications Workshops, 2009

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.