An Architecture for Intrusion Detection Using Autonomous Agents
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Bayesian Event Classification for Intrusion Detection
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
An overview of anomaly detection techniques: Existing solutions and latest technological trends
Computer Networks: The International Journal of Computer and Telecommunications Networking
Automatically Adapting a Trained Anomaly Detector to Software Patches
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Multiagent Security Evaluation Framework for Service Oriented Architecture Systems
KES '09 Proceedings of the 13th International Conference on Knowledge-Based and Intelligent Information and Engineering Systems: Part I
A mobile agent approach to intrusion detection in network systems
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part II
| Hi-index | 0.00 |
Network anomalies refer to situations when observed network traffic deviate from normal network behaviour. In this paper, we propose a general framework which assumes the use of many different attack detection methods and show a way to integrate their results. We checked our approach by the use of network topology analysis methods applied to communication graphs. Based on this evaluation, we have proposed a measure called the AttackScore, which assesses the risk of an on-going attack and distinguishes between the effectiveness of the analytic measures used to detect it.