Title :
A Multimedia Traffic Classification Scheme for Intrusion Detection Systems
Author :
Marques, Oge ; Baillargeon, Pierre
Author_Institution :
Dept. of Comput. Eng. & Eng., Florida Atlantic Univ., Boca Raton, FL
Abstract :
Intrusion detection systems (IDS) have become widely used tools for ensuring system and network security. Among many other challenges, contemporary IDS have to cope with increasingly higher bandwidths, which sometimes force them to let some data go by without being checked for possible malicious activity. This paper presents a novel method to improve the performance of IDS based on multimedia traffic classification. In the proposed method, the IDS has additional knowledge about common multimedia file formats and uses this knowledge to perform a more detailed analysis of packets carrying that type of data. If the structure and selected contents of the data are compliant, the corresponding stream is tagged accordingly, and the IDS is spared from further work on that stream. Otherwise, an anomaly is detected and reported. Our experiments using Snort confirm that this additional specialized knowledge results in substantial computational savings, without significant overhead for processing non-multimedia data
Keywords :
frame relay; multimedia communication; security of data; telecommunication security; telecommunication traffic; IDS; anomaly detection; intrusion detection system; multimedia file format; multimedia traffic classification scheme; network security; Computational efficiency; Computer security; Data security; Intrusion detection; Monitoring; Multimedia systems; Open source software; Performance analysis; Streaming media; Telecommunication traffic;
Conference_Titel :
Information Technology and Applications, 2005. ICITA 2005. Third International Conference on
Conference_Location :
Sydney, NSW
Print_ISBN :
0-7695-2316-1
DOI :
10.1109/ICITA.2005.28
