DocumentCode :
2950412
Title :
Implementation Of Application Layer Intrusion Detection System Using Protocol Analysis
Author :
Sangeetha, S. ; Vaidehi, V. ; Srinivasan, N. ; Rajkumar, K.V. ; Pradeep, S. ; Ragavan, N. ; Lokesh, C. Sri Sai ; Subadeepak, I. ; Prashanth, V.
Author_Institution :
Anna Univ., Chennai
fYear :
2008
fDate :
4-6 Jan. 2008
Firstpage :
279
Lastpage :
284
Abstract :
The current security problems in the Internet quantify the need for a semantic intrusion detection system engine working at the application level. In the proposed semantic IDS, an object is defined as an occurrence of an elementary pattern represented by a regular expression, which may not be malicious. However, the occurrence of a combination of some of these objects may represent malicious behavior of the user. A rule is defined such that it will be triggered whenever a particular set of objects occurs or whenever a specific sequence of objects occurs. The rules and the objects are bonded together in the Lex tool and integrated with the IDS engine. Given a set of rules (each dictating a number of constraints that the input data must fulfill to trigger it), the IDS engine will find malicious events using as few redundant comparisons as possible. The IDS implementation is done on the Linux platform using the Lex and Yacc tools. The system was implemented completely in a web environment and the results are presented with performance analysis.
Keywords :
Linux; cryptographic protocols; telecommunication security; IDS engine; Lex tools; Linux platform; Web environment; Yacc tools; application layer intrusion detection system; intrusion detection system engine; malicious events; performance analysis; protocol analysis; HTML; Internet; Intrusion detection; Java; Pattern matching; Payloads; Protocols; Search engines; Signal analysis; Signal processing;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Signal Processing, Communications and Networking, 2008. ICSCN '08. International Conference on
Conference_Location :
Chennai
Print_ISBN :
978-1-4244-1924-1
Electronic_ISBN :
978-1-4244-1924-1
Type :
conf
DOI :
10.1109/ICSCN.2008.4447204
Filename :
4447204
Link To Document :