Enhancing intrusion detection via an active target host.

Abimbola, Abiola; Munoz, Jose; Buchanan, William J

Enhancing intrusion detection via an active target host.

Abimbola, Abiola; Munoz, Jose; Buchanan, William J

Authors

Abiola Abimbola

Jose Munoz

Prof Bill Buchanan B.Buchanan@napier.ac.uk
Professor

Abstract

Over the past decade, there have been increases in network attacks. These attacks are typically at-tempts to compromise the integrity, confidentiality or availability of networked resources. In other to reduce these attacks, Intrusion Detection Systems (IDS) were introduced. These systems monitor and analyse network traffic, and try to detect network attacks, and, in response, execute counter-measures, which overcome current security weaknesses. In this paper we present a quick review of IDS and their vulnerabilities, discuss, in detail, the performance unreliability of IDS’s against end-to-end encrypted attacks, network fragmented attacks and denial of service exploitation of pro-gramming flaws. These vulnerabilies are illustrated in order to verify and validate the discussion. The experiments measure the performance of Snort, which is a network IDS which detecting the stated network attacks. Our experimental findings show that Snort could only detect 50% denial of service exploitation of programming flaws and 0% end-to-end encrypted attacks.

Citation

Abimbola, A., Munoz, J., & Buchanan, W. J. (2006). Enhancing intrusion detection via an active target host. In IEEE ICTe Africa 2006

Conference Name	IEEE ICTe 2006
Publication Date	2006
Deposit Date	Dec 21, 2010
Publicly Available Date	Dec 21, 2010
Peer Reviewed	Peer Reviewed
Book Title	IEEE ICTe Africa 2006
Keywords	network attacks; integrity; confidentiality; intrusion detection system; countermeasure; performance; unreliability; validation; verification and computer-based diagrams;
Public URL	http://researchrepository.napier.ac.uk/id/eprint/3977
Contract Date	Dec 21, 2010