This paper presents a firewall-log-based online attack detection system, describing its internal logic, composition, detection method and implementation. The system performs online analysis of firewall logs, relevancy checking between log entries, and automatic auditing by means of the state transitions of a finite state machine. Tests show that the system gives the firewall not only network attack detection capability but also capability with respect to network address scans, communication port scans and denial of service.