Title :
Attacks Classification to Improve the Power of Snorts
Author :
Roozbahani, Afshin Rezakhani ; Nassiri, Ramin ; Shabgahi, GolamReza Latif
Author_Institution :
Dept. of Comput. Eng., Islamic Azad Univ., Arak, Iran
Abstract :
Ever-increasing dependency on daily operation of computer networks has bolded the issue of how to decrease attacks and also Intrusions. The conventional algorithms of snorts mostly are evaluated as low-powered detection tools. In contrast, recent algorithms are able to detect intrusion properly. The major weakness in modern detection methods is that the power of IDS is restricted only to the network on which these intelligent algorithms are applied. This paper presents a new method to solve issues considering locality. We have classified any attacks to networks in the form of a protocol in the application layer which could be saved later in any and/or all of verified servers as rules. Thus all snorts across the inter-networks would be aware of the attack with enough details to immune itself. The major advantage of this method is that the old snorts strategies can also use possibilities of the new snorts dispersed over the network. We will evaluate this method and show that the resulted traffic is balanced across the Internet without imposing considerable overheads.
Keywords :
computer network security; pattern classification; application layer protocol; attacks classification; computer network; low powered detection tool; snort intrusion detection systems; Communication system control; Communication system traffic control; Computer network management; Computer networks; Intrusion detection; Mobile agents; Network servers; Power engineering computing; Protection; Protocols; Classification; IDS; Rule; Snort;
Conference_Titel :
Computer Science-Technology and Applications, 2009. IFCSTA '09. International Forum on
Conference_Location :
Chongqing
Print_ISBN :
978-0-7695-3930-0
Electronic_ISBN :
978-1-4244-5423-5
DOI :
10.1109/IFCSTA.2009.353
