Abiola Abimbola
Enhancing intrusion detection via an active target host.
Abimbola, Abiola; Munoz, Jose; Buchanan, William J
Abstract
Over the past decade, there have been increases in network attacks. These attacks are typically attempts to compromise the integrity, confidentiality or availability of networked resources. In order to reduce these attacks, Intrusion Detection Systems (IDS) were introduced. These systems monitor and analyse network traffic, try to detect network attacks and, in response, execute countermeasures, which overcome current security weaknesses. In this paper we present a quick review of IDSs and their vulnerabilities, and discuss, in detail, the performance unreliability of IDSs against end-to-end encrypted attacks, network fragmented attacks and denial of service exploitation of programming flaws. These vulnerabilities are illustrated in order to verify and validate the discussion. The experiments measure the performance of Snort, which is a network IDS, in detecting the stated network attacks. Our experimental findings show that Snort could only detect 50% of denial of service exploitation of programming flaws and 0% of end-to-end encrypted attacks.
Citation
Abimbola, A., Munoz, J., & Buchanan, W. J. (2006). Enhancing intrusion detection via an active target host. In IEEE ICTe Africa 2006
Conference Name | IEEE ICTe 2006 |
---|---|
Publication Date | 2006 |
Deposit Date | Dec 21, 2010 |
Publicly Available Date | Dec 21, 2010 |
Peer Reviewed | Peer Reviewed |
Book Title | IEEE ICTe Africa 2006 |
Keywords | network attacks; integrity; confidentiality; intrusion detection system; countermeasure; performance; unreliability; validation; verification and computer-based diagrams; |
Public URL | http://researchrepository.napier.ac.uk/id/eprint/3977 |
Files
Enhancing intrusion detection via an active target host.
(172 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nc/4.0/