Hybrid Intrusion Forecasting Framework for Early Warning System
IEICE - Transactions on Information and Systems
Intrusion detection with CUSUM for TCP-Based DDoS
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
A model-based approach to self-protection in computing system
Proceedings of the 2013 ACM Cloud and Autonomic Computing Conference
Hi-index | 0.00 |
Network-based Intrusion Detection System (NIDS) is developed to monitor network traffic in order to detect network intrusion. But it often lacks global cooperative capability. When facing attacks, e.g., DDoS, an intrusion detection system (IDS) needs an overall scheme to respond properly. Also, Internet consists of Network management units (NMUs). It would be better if several nearby surrounding NMUs can collaboratively guard and protect their important surrounded neighbor. In this article, we propose an Intrusion Forecast and Traceback System(IFTS) based on union defense environment. IFTS monitors network forwarding traffic, thus forecasting malicious behaviors for its neighbor NMU, called protected NMU(P-NMU). With forecasting, P-NMU can predetermine the way to treat the intrusion packets. IFTS deploys a hash-based Intrusion traceback sub system to trace intruders.