IEEE Transactions on Software Engineering - Special issue on computer security and privacy
The nature of statistical learning theory
The nature of statistical learning theory
Genetic programming: an introduction: on the automatic evolution of computer programs and its applications
Intrusion detection with neural networks
NIPS '97 Proceedings of the 1997 conference on Advances in neural information processing systems 10
Practical automated detection of stealthy portscans
Journal of Computer Security
Learning Program Behavior Profiles for Intrusion Detection
Proceedings of the Workshop on Intrusion Detection and Network Monitoring
Identifying key features for intrusion detection using neural networks
ICCC '02 Proceedings of the 15th international conference on Computer communication
A Neural Network Component for an Intrusion Detection System
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Hybrid multi-agent framework for detection of stealthy probes
Applied Soft Computing
The feature selection and intrusion detection problems
ASIAN'04 Proceedings of the 9th Asian Computing Science conference on Advances in Computer Science: dedicated to Jean-Louis Lassez on the Occasion of His 5th Cycle Birthday
Hi-index | 0.00 |
Probing tools are widely used to discover system information. Once the information is known, attackers can launch computer attacks against the vulnerable services running on the system. Even though current computer systems are protected against known attacks by implementing a number of access restriction policies, protection against novel attacks still remains as an elusive goal for the researchers. Attackers defeat current protection and detection mechanisms by exploiting uuknown weakness and bugs in system and application software. Stealthy and low profile probes that include only a few carefully crafted packets over an extended period of time are used to delude firewalls and intrusion detection systems.Building effective IDSs, unfortunately, has remained an elusive goal owing to the great technical challenges involved; and applied AI techniques are increasingly being utilized in attempts to overcome the difficulties. This paper presents computational intelligent agents based approach to detect computer probes at the originating host. We also investigate and compare the performance of different, classifiers used for detecting probes, with respect to the data collected on a real network that includes a variety of simulated probe attacks and the normal activity.Through a variety of experiments and analysis, it is found that, with appropriately chosen network features computer probes can be detected in real time or near real time at the originating host. Using the detection information an effective respons mechanism can be implemented at the boundary controllers.