The Use of Distributed Network-Based IDS Systems in Detection of Evasion Attacks

  • Authors:
  • Ilija Basicevic;Miroslav Popovic;Vladimir Kovacevic

  • Affiliations:
  • Novi Sad, Serbia And Montenegro;Novi Sad, Serbia And Montenegro;Novi Sad, Serbia And Montenegro

  • Venue:
  • AICT-SAPIR-ELETE '05 Proceedings of the Advanced Industrial Conference on Telecommunications/Service Assurance with Partial and Intermittent Resources Conference/E-Learning on Telecommunications Workshop
  • Year:
  • 2005

Abstract

This paper discusses some problems in the use of Intrusion Detection Systems (IDS), especially those related to evasion attacks. Important characteristics of this type of attack are presented, and the possibilities for attack are analyzed. Further, the characteristics of network-based and host-based IDS systems are compared, and some aspects of a distributed approach to IDS architecture are analyzed. On the basis of this discussion, the paper proposes the use of distributed network-based IDS systems, which are client-based, in the detection of evasion attacks. The proposed model is compared to host-based Intrusion Prevention Systems (HIPS). Important characteristics of the model are discussed, and some implementation issues are presented.