Traffic and Attack Pattern Analysis for Multiagent Distributed Intrusion Detection System

pdf

Abstract The paper proposes an attack pattern ontology and formal framework for network traffic anomalies detection within a distributed multiagent Intrusion Detection System (MUDIDS) architecture. The role of traffic anomalies detection is discussed, then it has been clarified how some specific values characterizing network communication can be used to detect network anomalies caused by security incidents (worm attack, virus spreading). Finally, it has been defined how to use the proposed techniques in distributed IDS using attack pattern ontology.

Tags:

Ontology

intrusion detection system

Institute of Information Science and Engineering

Wrochaw University of Technology

Science of Security

C3E 2009 Bibliography Artifacts

Submitted by Katie Dey on Sat, 05/26/2012 - 12:45