TCP/IP illustrated (vol. 1): the protocols
TCP/IP illustrated (vol. 1): the protocols
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
NetSTAT: a network-based intrusion detection system
Journal of Computer Security
Elements of the Theory of Computation
Elements of the Theory of Computation
A Data Mining and CIDF Based Approach for Detecting Novel and Distributed Intrusions
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
A smart IDS and response system for the internet malicious worm
International Journal of Wireless and Mobile Computing
| Hi-index | 0.00 |
This paper presents a new approach called network state based model to describe intrusionsand attacks. In the model which uses FA theory and can detect unknown attacks, the attacks and intrusions are described by the states and state transitions of network protocols and operation systems. First, the paper shows that the model is feasible for intrusion detection, and then it describes the IDS(Intrusion Detection System) using this model by CIDF(Common Intrusion Detection Framework). Lastly, the network state based model is compared with some other models.