Our network infrastructure is exposed to persistent threats of DDoS and many unknown attacks. These threats threaten the availability of ISP's network and services. This paper proposes network-based anomalous traffic detection method and presents an anomalous traffic detection system, its architecture and main function blocks. Every five minutes, traffic information and security events are gathered...
This paper combines the results of research on social psychology, and has designed a trust model for rumor spreading. It is considered that when information exchanges between people, the trust of information is related to the interpersonal closeness. In addition, this paper uses Monte Carlo method to find the key source nodes in rumor spreading by comparing the total number of spread nodes and spreading...
At present, the focus of network security research mainly centers on the increase of detection ability of a single detection tool. For example, improve the accuracy and detection efficiency of firewall and intrusion detection system but despise the defense ability of the whole network system. This paper puts forward the concept of network active defense system and emphatically analyzes its architecture,...
The pervasive nature of wireless devices and the arbitrary organization of mobile networks attract growing interest in the design of wireless and mobile ad hoc networks. However, malicious nodes always exist due to the vulnerabilities of wireless and mobile nodes and thereby their misbehavior can weaken the utilization of ad hoc networks. Therefore, addressing security issues becomes extremely important...
Exactly assessing the security risk of a network is the key to improving the security level of the network. The hidden Markov model based real time network security risk quantification method can get the risk value dynamically and in real-time, whose input is intrusion detection system alerts. The method is better than the traditional static assessment method. The paper resolves main fault of this...
Intrusion detection systems (IDS) and intrusion prevention systems (IPS) are now considered a mainstream security technology. IDS and IPS are designed to identify security breaches. However, one of the most important problems with current IDS and IPS is the lack of the "environmental awareness" (i.e. security policy, network topology and software). This ignorance triggers many false positives...
An artificial immune system (ARTIS) enlightened by the biological immune system is emerging as a new field of computation intelligence research. At present, it showed us many properties after the research to the immune system, including distributed computation, self-organization and lightweight, which were discovered to meet the requests of ARTIS. So the Immunology applied to the intrusion detection...
Network security is a critical component for any sized organization. While static defence technologies such as firewalls and anti-virus provide basic protection for computer networks, an intrusion detection system (IDS) can improve overall security by identifying and responding to novel malicious activities. The current existing IDS methods suffer from low accuracy and system robustness. To overcome...
Organizations face increasing challenges in addressing and preventing computer and network security incidents. There are financial consequences from security incidents. These include lost time and resources used during recovery, possible theft of personal and/or proprietary information, and reputational damage that may negatively impact stock prices or reduce consumer confidence in a company. Being...
This paper describes a forensic logging system that collects fine-grained evidence from target servers and networks. For the logging system, we developed a TCSEC-B1 level secure operating system and a dedicated network processor that collects network traffic. The logging system is also capable of protecting servers from malicious attacks as well as allowing security managers to obtain forensic evidences...
Availability is one of the main characteristics of Internet security and hence attacks against networks increase trying to stop services on servers. Distributed denial of service attacks are very dangerous for computer networks and services availability. Various defense systems were proposed. Unfortunately, until now, there is no efficient solution. This paper presents a decentralized architecture...
The rapid proliferation of computer networks has changed the prospect of network security. An easy accessibility condition cause computer network's vulnerable against several threats from hackers. Threats to networks are numerous and potentially devastating. Up to the moment, researchers have developed Intrusion Detection Systems (IDS) capable of detecting attacks in several available environments...
Protecting computer networks from accidental and malicious harm is a critical issue. Researchers have sought a variety of solutions ranging from the purely statistical approach to approaches inspired from a variety of fields such as economics and biology. In this paper, we focus on the issue of intruder detection and propose two complementary approaches, one economics-based, the other biology-inspired...
In recent years, network attacks have become more and more widespread and difficult to defend against. The traditional technique, such as Firewall is good, but when malicious traffic originates from inside network or enters through a hole in the firewall you may need another line of defense to protect you. This is an article introducing the concepts of IDS, what they do, the functions they serve, the classification...
Recently network intrusion detection is one of the hottest research topics. Existing network-based Intrusion Detection System (IDS) has drawbacks in many aspects, among of which the two outstanding problems are the high ratio of false alarms and the lack of self-adaptation. The powerful information processing capabilities of the biological immune system, such as feature extraction, pattern recognition,...
Recent security incidents and analysis have demonstrated that current intrusion detection systems (IDS) to some attacks are no longer feasible. Implementing an effective intrusion detection capability is an elusive goal, not solved easily or with a single mechanism. However, we argue that "SoftMan" (SM) technology goes a long way toward realizing the ideal behavior desired in an intrusion...
This paper presents a taxonomy of anomaly detection techniques that is then used to survey and classify a number of research prototypes and commercial products. Commercial products and solutions based anomaly detection techniques are beginning to establish themselves in mainstream security solutions alongside firewalls, intrusion prevention systems and network monitoring solutions. These solutions...
As an important method to analyze the security status of computer network, generating of network attack graph is a hot topic in this domain. After analyzing network security attributes including the host, user privilege, connection relation, etc., the model of computer network security status space is built. The node of attack graph expresses the network security status, and the directed-line expresses...
This paper considers the problem of the dynamic risk assessment for the network based on the threat stream analysis. We analyze the general approach to do the network dynamic risk assessment. A stream based cube model is built to analyze the characteristics of the threat stream. Then combining with the research about the description and analysis of the threat effect, we propose the architecture of...
The 3 most important issues for anomaly detection based intrusion detection systems by using data mining methods are: feature selection, data value normalization, and the choice of data mining algorithms. In this paper, we study primarily the feature selection of network traffic and its impact on the detection rates. We use KDD CUP 1999 dataset as the sample for the study. We group the features of...