Title :
Multi-Level Intrusion Detection System (ML-IDS)
Author :
Al-Nashif, Youssif ; Kumar, Aarthi Arun ; Hariri, Salim ; Qu, Guangzhi ; Luo, Yi ; Szidarovsky, Ferenc
Author_Institution :
Dept. of ECE, Arizona Univ., Tucson, AZ
Abstract :
As the deployment of network-centric systems increases, network attacks are proportionally increasing in intensity as well as complexity. Attack detection techniques can be broadly classified as being signature-based, classification-based, or anomaly-based. In this paper we present a multi level intrusion detection system (ML-IDS) that uses autonomic computing to automate the control and management of ML-IDS. This automation allows ML-IDS to detect network attacks and proactively protect against them. ML-IDS inspects and analyzes network traffic using three levels of granularities (traffic flow, packet header, and payload), and employs an efficient fusion decision algorithm to improve the overall detection rate and minimize the occurrence of false alarms. We have individually evaluated each of our approaches against a wide range of network attacks, and then compared the results of these approaches with the results of the combined decision fusion algorithm.
Keywords :
computer networks; security of data; telecommunication security; telecommunication traffic; anomaly-based attack; attack detection; autonomic computing; classification-based attack; false alarm; fusion decision; multilevel intrusion detection system; network attacks; network traffic; packet header; payload traffic; signature-based attack; traffic flow; Algorithm design and analysis; Application software; Automatic control; Communication system traffic control; Control systems; Internet; Intrusion detection; Payloads; Protection; Protocols;
Conference_Titel :
Autonomic Computing, 2008. ICAC '08. International Conference on
Conference_Location :
Chicago, IL
Print_ISBN :
978-0-7695-3175-5
Electronic_ISBN :
978-0-7695-3175-5
DOI :
10.1109/ICAC.2008.25
