The use of distributed network-based IDS systems in detection of evasion attacks

被引：0

作者：

Basicevic, I ^{[1
]}

Popovic, M ^{[1
]}

Kovacevic, V ^{[1
]}

机构：

[1] Univ Novi Sad, Fac Tech Sci, Novi Sad 21000, Serbia Monteneg

来源：

Telecommunications 2005, Proceedings | 2005年

关键词：

D O I：

暂无

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

This paper discusses some problems in use of Intrusion Detection Systems (IDS), especially related to evasion attacks. Important characteristics of this type of attacks are presented, and possibilities for attack analyzed Further along, characteristics Of network and host based IDS systems are compared, and some aspects of distributed approach to architecture of IDS are analyzed. On the basis of such discussion, paper proposes use of distributed network based IDS systems, which are client based, in detection of evasion attacks. Proposed model is compared to host based Intrusion Prevention Systems (HIPS). Important characteristics of the model are discussed. Some implementation issues are presented.

引用

页码：78 / 82

页数：5

共 50 条

[1] Network-based problem detection for distributed systems
Kashima, H
Tsumura, T
Idé, T
Nogayama, T
Hirade, R
Etoh, F
Fukuda, T
[J]. ICDE 2005: 21ST INTERNATIONAL CONFERENCE ON DATA ENGINEERING, PROCEEDINGS, 2005, : 978 - 989
[2] Simulation of attacks on network-based error detection
Hu, Ming
Jiang, Minghua
[J]. IITA 2007: WORKSHOP ON INTELLIGENT INFORMATION TECHNOLOGY APPLICATION, PROCEEDINGS, 2007, : 99 - 102
[3] A Framework for Generating Evasion Attacks for Machine Learning Based Network Intrusion Detection Systems
Mogg, Raymond
Enoch, Simon Yusuf
Kim, Dong Seong
[J]. INFORMATION SECURITY APPLICATIONS, 2021, 13009 : 51 - 63
[4] A dependable architecture to mitigate distributed denial of service attacks on network-based control systems
Beitollahi, Hakem
Deconinck, Geert
[J]. INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2011, 4 (3-4) : 107 - 123
[5] Defending network intrusion detection systems against adversarial evasion attacks
Pawlicki, Marek
Choras, Michal
Kozik, Rafal
[J]. FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2020, 110 : 148 - 154
[6] FILE SERVERS FOR NETWORK-BASED DISTRIBUTED SYSTEMS
SVOBODOVA, L
[J]. COMPUTING SURVEYS, 1984, 16 (04) : 353 - 398
[7] Decision analysis of network-based intrusion detection systems for denial-of-service attacks
Li, M
Jia, WJ
Zhao, W
[J]. 2001 INTERNATIONAL CONFERENCES ON INFO-TECH AND INFO-NET PROCEEDINGS, CONFERENCE A-G: INFO-TECH & INFO-NET: A KEY TO BETTER LIFE, 2001, : E1 - E6
[8] Detection of DDoS and IDS Evasion Attacks in a High-Speed Networks Environment
Oh, Jin-Tae
Park, Sang-Kil
Jang, Jong-Soo
Jeon, Yong-Hee
[J]. INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2007, 7 (06): : 124 - 131
[9] Strengthening IDS against Evasion Attacks with GAN-based Adversarial Samples in SDN-enabled network
Cao Phan Xuan Qui
Dang Hong Quang
Phan The Duy
Do Thi Thu Hien
Van-Hau Pham
[J]. 2021 RIVF INTERNATIONAL CONFERENCE ON COMPUTING AND COMMUNICATION TECHNOLOGIES (RIVF 2021), 2021, : 192 - 197
[10] Neural Network-Based Voting System with High Capacity and Low Computation for Intrusion Detection in SIEM/IDS Systems
Moukafih, Nabil
Orhanou, Ghizlane
El Hajji, Said
[J]. SECURITY AND COMMUNICATION NETWORKS, 2020, 2020

← 1 2 3 4 5 →