Title :
A flow based method to detect penetration
Author :
Shangdong Liu ; Jian Gong ; Jianxin Chen ; Yanbing Peng ; Wang Yang ; Weiwei Zhang ; Jakalan, Ahmad
Author_Institution :
Key Lab. of Comput. Network Technol. of Jiangsu Province, Southeast Univ., Nanjing, China
Abstract :
With the rapid expansion of the Internet, network security has become more and more important. IDS (Intrusion Detection System) is an important technology coping network attacks and is of two main types: network based (NIDS) and host based (HIDS). In this paper, we propose the conception of NFPPB (Network Flow Patterns of Penetrating Behavior) to network vulnerable ports and design a NIDS algorithm to detect infiltration behaviors of attacker. Essentially, NFPPB is a set of metrics calculated by network activities exploiting the vulnerabilities of hosts. The paper investigates choosing, generation and comparison of NFPPB metrics. Experiments show that the method is effective and with high efficiency. At last, the paper addresses the future direction and the points that need to be improved.
Keywords :
computer network security; IDS; flow based method; intrusion detection system; network attacks; network flow patterns of penetrating behavior; network security; network vulnerable ports; Educational institutions; IP networks; Law; Measurement; Ports (Computers); Security; Flow Records; IDS; Infiltration Detection; Penetration Detection;
Conference_Titel :
Advanced Infocomm Technology (ICAIT), 2014 IEEE 7th International Conference on
Conference_Location :
Fuzhou
Print_ISBN :
978-1-4799-5454-4
DOI :
10.1109/ICAIT.2014.7019551
