Real Time Traffic Classification For Intrusion Detection System

Shahrin , Sahib and Mohd Faizal, Abdollah and Robiah, Yusof and Siti Rahayu, Selamat (2007) Real Time Traffic Classification For Intrusion Detection System. Project Report. UTeM, Melaka, Malaysia. (Submitted)

PDF (Full Text) Real_Time_Traffic_Classification_For_Intrusion_Detection_System.pdf - Submitted Version Restricted to Registered users only Download (7MB)

Abstract

As a network grows in size and complexity, vulnerabilities within local area and wide area network increase and become more problematic. Information gathering techniques can be classified into two categories which are fast attack and slow attack. In order to detect these attacks, introducing intrusion detection system (IDS) inside the network is necessary. IDS has the capabilities to analyze the network traffic and recognize incoming and on-going intrusion. Majority of the current intrusion detection systems do not differentiate between these two types of attacks. By separated detection modules are more practical in order to achieve better accuracy and faster speed of detection. In real time environment, early detection of fast attack is very useful to prevent any further attack on the targeted network and may help to reduce the possibilities of an attacker gaining access to the vulnerable machine. However, the success of the IDS depends on the decision upon the set of features that the system is going to use for detecting an attacker especially in detecting fast attack. Therefore, this research will concentrate on fast attack by presenting a new framework and a set of minimum standard features to be used. The result will show that the proposed framework with the selected features has a strong potential to detect the fast attack and significantly reduce the false alarm generated by the intrusion detection system in real time environment.

Actions (login required)

View Item