Remote Attack Detection Method in IDA: MLSI-Based Intrusion Detection using Discriminant Analysis

Authors:
Midori Asaka;Takefumi Onabuta;Tadashi Inoue;Shigeki Goto
Affiliations:
-;-;-;-
Venue:
SAINT '02 Proceedings of the 2002 Symposium on Applications and the Internet
Year:
2002

Citing 0
Cited 1

Network intrusion detection: Evaluating cluster, discriminant, and logit analysis

Information Sciences: an International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

IDA (Intrsion Detection Agent system) monitors MLSIs and detects intrusions by analyzing information related to the MLSIs. We adopt discriminant analysis to detect remote attacks after IDA detects an MLSI. Discriminant analysis provides a classification function that IDA can separate intrusive activities from nonintrusive activities. In this paper, we define MLSIs in remote attacks and explain how we perform discriminant analysis to detect intrusions in detail. We also describe how to extract an sample from system logs, which is neccessary to implement discriminant analysis function to IDA.