Abstract

AbstractSignature‐based intrusion detection systems (IDSs) have the advantages of producing a lower false alarm rate and using less system resources compared to anomaly based systems. However, they are susceptible to obfuscation used by attackers to introduce new variants of the attacks stored in the database. Some of the disadvantages of signature‐based IDSs can be attributed to the fact that they are mostly purely syntactic and ignore the semantics of the monitored systems. In this paper, we present the design and implementation of a signature database that assists a Specification‐based IDS in a converged environment. Our design is novel in terms of considering the semantics of the monitored protocols alongside their syntax. Our protocol semantics awareness is based on the state transition analysis technique which models intrusions at a high level using state transition diagrams. The signature database is hierarchically designed to insure a balance between ease of use and fast retrieval in real time. The database prototype is tested against some implemented attacks and shows promising efficiency. Copyright © 2008 John Wiley & Sons, Ltd.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Survey on Updating IDSs’ Signatures Databases
Muteb Y Al-Yosef ... Nabih T Arar
Journal of Information Security and Cybercrimes Research | VOL. 1
Muteb Y Al-Yosef, et. al.Muteb Y Al-Yosef ... Nabih T Arar
01 Jan 2018
Agent-based IDMEF alerting infrastructure for distributed intrusion detection and prevention systems: Design and validation
Radu Lupu ... Radu Badea
-
Radu Lupu, et. al.Radu Lupu ... Radu Badea
01 Jun 2016
An Improved Hybrid Intrusion Detection System in Cloud Computing
Ajeet Kumargautam ... Vidushi Sharma
International Journal of Computer Applications | VOL. 53
Ajeet Kumargautam, et. al.Ajeet Kumargautam ... Vidushi Sharma
25 Sep 2012
A Quantitative Evaluation Model for Network Security
Dapeng Man ... Lejun Zhang
-
Dapeng Man, et. al.Dapeng Man ... Lejun Zhang
01 Dec 2007
View more papers

More From: Security and Communication Networks

Paper Title
Journal
Date
Author
HMMED: A Multimodal Model with Separate Head and Payload Processing for Malicious Encrypted Traffic Detection
Peng Xiao ... Jian Hu
Security and Communication Networks | VOL. -
Peng Xiao, et. al.Peng Xiao ... Jian Hu
30 May 2024
A Robust Coverless Image Steganography Algorithm Based on Image Retrieval with SURF Features
Fan Li ... Chenyang Liu
Security and Communication Networks | VOL. 2024
Fan Li, et. al.Fan Li ... Chenyang Liu
18 May 2024
Effective and Efficient Android Malware Detection and Category Classification Using the Enhanced KronoDroid Dataset
Mudassar Waheed ... Sana Qadir
Security and Communication Networks | VOL. 2024
Mudassar Waheed, et. al.Mudassar Waheed ... Sana Qadir
08 Apr 2024
Securing the Transmission While Enhancing the Reliability of Communication Using Network Coding in Block-Wise Transfer of CoAP
Mohammed D Halloush
Security and Communication Networks | VOL. 2024
Mohammed D HalloushMohammed D Halloush
28 Mar 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.