CONDOR: A Hybrid IDS to Offer Improved Intrusion Detection

Part of book or chapter of book English OPEN
Day, David ; Flores, Denys (2012)
  • Publisher: Institute of Electrical and Electronics Engineers (IEEE)
  • Related identifiers: doi: 10.1109/TrustCom.2012.110
  • Subject:
    acm: ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS

Intrusion Detection Systems are an accepted and very useful option to monitor and detect malicious activities. However, Intrusion Detection Systems have inherent limitations which lead to false positives and false negatives; we propose that combining signature and anomaly based IDSs should be examined. This paper contrasts signature and anomaly-based IDSs, and critiques some proposals about hybrid IDSs with signature and heuristic capabilities, before considering some of their contributions in order to include them as main features of a new hybrid IDS named CONDOR (COmbined Network intrusion Detection ORientate), which is designed to offer superior pattern analysis and anomaly detection by reducing false positive rates and administrator intervention.