Security system for encrypted environments (S2E2)

Authors:
Robert Koch;Gabi Dreo Rodosek
Affiliations:
Universität der Bundeswehr München, Neubiberg, Germany;Universität der Bundeswehr München, Neubiberg, Germany
Venue:
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Year:
2010

Citing 2
Cited 1

Experimenting with an Intrusion Detection System for Encrypted Networks

International Journal of Business Intelligence and Data Mining
The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection

RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection

SSHCure: a flow-based SSH intrusion detection system

AIMS'12 Proceedings of the 6th IFIP WG 6.6 international autonomous infrastructure, management, and security conference on Dependable Networks and Services

Quantified Score

Hi-index	0.00

Visualization

Abstract

The percentage of encrypted network traffic increases steadily not only by virtual private networks of companies but also by protocols like SSH or SSL in the private sector. Traditional intrusion detection systems (IDS) are not able to cope with encrypted traffic. There are a few systems which are able to handle encrypted lines but none of them is applicable in general because of changed network protocols, a restricted application range (e.g., only able to find protocol-specific attacks) or very high false alarm rates. We propose a new IDS for non-intrusive, behavior-based intrusion- and extrusion detection in encrypted environments.