Future Generation Computer Systems
An enhanced DGIDE platform for intrusion detection
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Hi-index | 0.00 |
The threat to organisations from network attacksis very real. Current countermeasures to denial ofservice (DoS) attacks rely on the perimeter model ofnetwork security. However, as the case study andanalysis in this paper make apparent, the perimetermodel, which relies on firewalls and IntrusionDetection Systems, is unable to provide an effectivedefence against DoS attacks. Therefore, there is a needfor a new approach; one that identifies an attackbeyond the perimeter. Within this paper, we presentsuch an approach. We achieve early detection of DoSattacks by the identification of traffic signatures whichindicate that an attack is underway. As these signaturescan be identified 'outside' the perimeter, appropriatemeasures can be taken to prevent the attack fromsucceeding. We use examples of DoS attacks and a casestudy to demonstrate the applicability of our approach.