Hua-ping HU,Hai-tao CHEN,Chen-lin HUANG,Yong TANG

DOI: https://doi.org/10.3969/j.issn.1007-130X.2001.02.006

2001-01-01

Abstract:An intrusion detection system (IDS) can detect system or network sources in a real-time way,find the intruder in time,and prevent legal users' misoperation.It is the main part of the Pro tec tion Detection Response(PDR) security model.In this paper,the status quo of the intrusion detection technology is summarized first.Then,based on our research,its development trend and directions are put foward.

Fei Yu,XiaoPing Dai,Yue Shen,Huang Huang,Miaoliang Zhu

DOI: https://doi.org/10.1109/ICSSSM.2005.1500110

2005-01-01

Abstract:The problem in network security presently is how to get real-time intrusion detection and alert. In the paper, we design Intrusion Detection System architecture and arithmetic again, meanwhile put forward an improved pattern matching arithmetic based on protocol analysis and theorization machine on Frete. New architecture can use network processor to collect and analyze data in network bottom, which enhance the speed and efficiency in Detection System.

Yue Shen,Fei Yu,Ling-Fen Zhang,Ji-Yao An,Miao-Liang Zhu

DOI: https://doi.org/10.1109/CANET.2005.1598184

2005-01-01

Abstract:Intrusion detection is an efficient way to protect information system. This paper puts forward a new method of anomalous intrusion detection based on system call. It uses system calls regarded as input, and creates a FSA for the functions in the program. Then the FSA is used to detect the attack. Moreover, It can find the place of the vulnerability which exists in the program. This can help to alter the source program. Results are shown that this method is effective for some intrusion events.

WU Qing-tao,SHAO Zhi-qing

DOI: https://doi.org/10.3969/j.issn.1001-3695.2005.12.004

2005-01-01

Abstract:Intrusion detection,as one of the most active and important network security technology,can compensate the shortcomings of traditional security protection measure.Through building dynamic security cycle,it can promote the protection capacity of system and reduce the security threats as great as possible. An overview of basic issues on intrusion detection is shown in this paper,which is involved with three main aspects of intrusion detection,including Intrusion Detection System(IDS) architecture,intrusion detection methods and IDS evaluation.Firstly,three kinds of IDS architectures are analyzed.Then,current intrusion detection models are given,and their merits or shortcomings are discussed in detail.Finally,some future promi￣sing directions are presented.

胡敏,潘雪增,平玲娣

DOI: https://doi.org/10.3969/j.issn.1001-3695.2004.01.033

2004-01-01

Abstract:This paper focuses on issures related to deploying a data mining-based IDS (Intrusion Detection System) in a real time environment To overcome the limitations of traditional IDS, the corresponding solutions to accurracy, efficiency and usability is presented.These solutions impove efficiency of traditional DOS and maintain a desired accuracy level. This paper also proposed an architecture consisting of sensors, detectors, a data warehouse and model generation components. This architecture facilitates the sharing and storage of audit data and the distribution of new or updated models. Also, it improves the efficiency and scalability of the traditional IDS.

Yun SHI,Shu-yu CHEN

DOI: https://doi.org/10.16595/j.1671-055x.2007.06.028

2007-01-01

Abstract:Intrusion detection is one of core technologies in dynamic safe technique. On the common method of intrusion detection and standardization research, the current situation of intrusion technology was analyzed in detail and the development trend of intrusion in the future was expounded.

王文奇,郑秋生,吴婷,李伟华

DOI: https://doi.org/10.16208/j.issn1000-7024.2008.14.070

2008-01-01

Abstract:At present intrusion detection system(IDS) in high-speed network is a main point in security domain.The main problem and various restricted factors IDS faced in high-speed network is analyzed,and involved researches such as zero-copy technique and fast pattern matching model is introduced too.Finally,the distributed intrusion detection system based data-distribution is figured out as a good measure,and some remaining problems and emerging trends in this area is presented.

Xiaoyan Cai

2008-01-01

Abstract:This paper first analyzed the main features of the wireless sensor network;then set forth the most common intrusion detection architectures of wireless sensor network;and studied typical algorithms emphatically,as well as presented their advantages and disadvantages in detail.Finally,addressed some valuable directions for further research.

ZHOU Quan,WANG Chong-jun,WANG Jun,ZHOU Xin-min,CHEN Shi-fu

DOI: https://doi.org/10.3969/j.issn.1001-3695.2007.05.045

2007-01-01

Abstract:The ability to detect intruders in computer systems increases in importance as computers were increasingly integra-ted into the systems that rely on for the correct functioning of society.A history of research in intrusion detection and several approaches based on AI technology in IDS especially some machine learning technology,and then agent-based intrusion detection systems were introduced.In the end,some possible research directions and challenges was presented in this field.

饶元,冯博琴

DOI: https://doi.org/10.3969/j.issn.1009-2552.2003.12.017

2003-01-01

Abstract:As a newly security technique, intrusion detection system (IDS) is becoming a hot-point technique in the network security fields, which overcomes the default of the traditional security techniques. This paper analyzes some concepts of intrusion detection and a kind of classification method process-based. Furthermor, the Deterministic Finite Automat(DFA) model has been utilized and an algorithm has been designed to simulate the intrusion detection process. Fastly, this paper presents four dominant problems about IDS that should be solved in the future.

WANG Jun,WANG Chong-Jun,XIE Jun-Yuan,CHEN Shi-Fu

DOI: https://doi.org/10.3969/j.issn.1002-137x.2006.12.017

2006-01-01

Computer Science

Abstract:Intrusion detection is a proactive network security protection mechanism, which has become a research focus in the field of the network security. Since the Agent-based intrusion detection systems have the features of the distributed coordination processing and intelligence, many researchers attach great importance to it and it has become a research trend for the next generation intrusion detection systems. In this paper, we first introduce the history of the intrusion detection systems (IDS)and its classifications. And then some recent research development that related to the key aspects of static Agent-based intrusion detection systems and mobile Agent-based intrusion detections systems are deeply explored. And their development treads are also given. In the end, we present some possible research directions and challenges for Agent-based intrusion detection systems.

李家春,李之棠

DOI: https://doi.org/10.3969/j.issn.1001-3695.2001.12.002

2001-01-01

Abstract:Intrusion Detection system(IDS) is an importance part of computer network security system.In this paper,classifies ,development,study trend and directions are thorough discussed,that research and developing homemade IDS is promising and importance is pointed out.

Huangzhong Hua,Shunhua Li

DOI: https://doi.org/10.1109/csss.2012.284

2012-01-01

Abstract:The open access and limited resources of WSNs make the network vulnerable to all kinds of attacks, and for this reason it requires effective intrusion detection technology to detect and identify various security threat. This paper firstly gives a brief introduction of the present intrusion detection system, and then discusses the various threats faced of WSNs, at last this paper points out that the comprehensive use of various technologies is the trend of the intrusion detection system of WSNs.

Liu Hua Yeo,Xiangdong Che,Shalini Lakkaraju

DOI: https://doi.org/10.48550/arXiv.1708.07174

2017-08-23

Cryptography and Security

Abstract:Intrusion detection systems (IDS) help detect unauthorized activities or intrusions that may compromise the confidentiality, integrity or availability of a resource. This paper presents a general overview of IDSs, the way they are classified, and the different algorithms used to detect anomalous activities. It attempts to compare the various methods of intrusion techniques. It also describes the various approaches and the importance of IDSs in information security.

SHI Mei-Lin,QIAN Jun,XU Chao

2006-01-01

Computer Science

Abstract:Intrusion detection technology has been an indispensable part of information security metrics, but till now no standard is widely accepted to evaluate the effectiveness and accuracy of intrusion detection systems (IDS). Thus, both the end users and researchers have doubt on the effectiveness of IDS and algorithms. The key point of the solution is to construct a precise and comprehensive methodology for IDS evaluation. Researchers have proposed several IDS evaluation methods, such as dataset evaluation proposed by MIT Lincoln Lab and Open Security Evaluation Criteria proposed by Neohapsis, etc. According to the evaluation results researchers may look through the weak point of current intrusion detection technologies and thus improve on them. In this paper we present a detail analysis of dataset evaluation methodology proposed by MIT Lincoln Lab and point out the key problems of dataset evaluation methodology. We also propose an improving research plan as our furthering work in order to update the evaluation dataset.

Lei Deng,De-yuan Gao

DOI: https://doi.org/10.1109/nswctc.2009.87

2009-01-01

Abstract:Intrusion Detection Systems (IDSs) are increasingly a key part of systems defense. Various approaches to Intrusion Detection are currently being used, but they are relatively ineffective. Recently applying Artificial Intelligence, machine learning and data mining techniques to IDS are increasing. Artificial Intelligence plays a driving role in security services. This paper proposes an Immune based Adaptive Intrusion Detection System Model (IAIDSM). Analyzing the training data obtaining from internet, the self behavior set and nonself behavior set can be obtained by the partitional clustering algorithm, then it extracts Self and nonself pattern sets from these two behavior sets by association rules and sequential patterns mining. The Self and nonself sets can update automatically and constantly online. So IAIDSM improves the ability of detecting new type intrusions and the adaptability of the system.

Chih-Fong Tsai,Yu-Feng Hsu,Chia-Ying Lin,Wei-Yang Lin

DOI: https://doi.org/10.1016/j.eswa.2009.05.029

IF: 8.5

2009-12-01

Expert Systems with Applications

Abstract:The popularity of using Internet contains some risks of network attacks. Intrusion detection is one major research problem in network security, whose aim is to identify unusual access or attacks to secure internal networks. In literature, intrusion detection systems have been approached by various machine learning techniques. However, there is no a review paper to examine and understand the current status of using machine learning techniques to solve the intrusion detection problems. This chapter reviews 55 related studies in the period between 2000 and 2007 focusing on developing single, hybrid, and ensemble classifiers. Related studies are compared by their classifier design, datasets used, and other experimental setups. Current achievements and limitations in developing intrusion detection systems by machine learning are present and discussed. A number of future research directions are also provided.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

ZHANG Jun,SU Pu-rui,FENG Deng-guo

2006-01-01

Journal of Computer Applications

Abstract:The technology of Intrusion Detection is one of the important measures to protect the networks.Host-based intrusion detection is used to protect the key hosts.A flexible loading intrusion detection based on system-call was introduced in this paper.This system improved the common data collection method,and adopted virtual equipment driversto acquire system call.This method brings small influence on system,is easy to load and unload,and provides the standard interface. The data analysis integrates the two detection methods: anomaly and misuse,which provides corresponding detection models and introduces the noise filtering function.

Chen Min

2002-01-01

Abstract:In recent years, intrusion detection systems, being the important part of the information security system, have gained extensive attentions. Many different intrusion detection technologies come into being. This paper presents an architecture of Intrusion Detection Systems (IDS) based on autonomous agents. The distributed architecture paves the way in that IDSes can avoid the single point failure of the distributed systems, balance the system load and improve the efficiency, to meet the requirements of modern computer and network technologies.

WU Ying,JIANG Jian-hui,ZHANG Rui

DOI: https://doi.org/10.3969/j.issn.1002-137x.2011.01.004

2011-01-01

Computer Science

Abstract:System call based intrusion detection is currently a hot subject of research all over the world.The existing system call based intrusion detection techniques and theories with their respective challenges and research trends were discussed comprehensively,especially those(that are) newly developed.We hold that with the advent of the Tide-based commercial intrusion detection system(IDS) SanAPT,how to improve detection performance,to decrease error alarm rate and to solve issues on multiplatform,lightweight,and distribution related to practicality of the IDSs will be hot topics in this field.