Traffic and Attack Pattern Analysis for Multiagent Distributed Intrusion Detection System
Abstract
The paper proposes an attack pattern ontology and a formal framework for network traffic anomaly detection within a distributed multiagent Intrusion Detection System (MUDIDS) architecture. It first discusses the role of traffic anomaly detection, then clarifies how specific values characterizing network communication can be used to detect network anomalies caused by security incidents (worm attacks, virus spreading). Finally, it defines how to use the proposed techniques in a distributed IDS using the attack pattern ontology.
Submitted by Katie Dey