Design and implement of firewall-log-based online attack detection system

Authors:
Hu Tongshen; Xiamin;Chen Qingzhang;Ying Kezhen
Affiliations:
Zhejiang University of Technology, Hang Zhou, Zhejiang, China;Zhejiang University of Technology, Hang Zhou, Zhejiang, China;Zhejiang University of Technology, Hang Zhou, Zhejiang, China;Zhejiang University of Technology, Hang Zhou, Zhejiang, China
Venue:
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Year:
2004

Citing 2
Cited 1

Network Intrusion Detection: An Analyst's Handbook

Network Intrusion Detection: An Analyst's Handbook
Two state-based approaches to program-based anomaly detection

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference

Detection of unknown dos attacks by kolmogorov-complexity fluctuation

CISC'05 Proceedings of the First SKLOIS conference on Information Security and Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents a firewall-log-based online attack detection system, giving its inner logic, composing, detecting method and realization. The system is up to firewall-log's online analysis, between-log relevancy checking, and automatic audit by the way of state transition of finite state machine. Test shows the system will provide firewall with not only network attack detection ability but also the ability to scan network addresses, scan communication ports and deny service.