Title :
Kerckhoffs´ principle for intrusion detection
Author :
Mrdovic, Sasa ; Perunicic, Branislava
Author_Institution :
University of Sarajevo, Bosnia and Herzegovina
fDate :
Sept. 28 2008-Oct. 2 2008
Abstract :
One of the basic principles of cryptography is that the security of a system must depend not on keeping secret the algorithm, but only the key. This principle is known as Kerckhoffs´ Principle. In this paper we propose application of this principle in intrusion detection systems. The fact that attackers know the intrusion detection algorithm will not help them if there is a secret key for each implementation that makes it different enough from the others. Implementation of network packet payload anomaly detection IDS that enables application of the idea is presented. Results for various keys confirm excellent detection capabilities. Proof of concept mimicry attack protection example is provided.
Keywords :
Cryptography; Intrusion detection; Payloads; Standards; Telecommunication traffic; Training; Kerckhoffs´ principle; anomaly detection; network intrusion detection; word models;
Conference_Titel :
Telecommunications Network Strategy and Planning Symposium, 2008. Networks 2008. The 13th International
Conference_Location :
Budapest
Print_ISBN :
978-963-8111-68-5
DOI :
10.1109/NETWKS.2008.6231360
