Byte Level NIDS Improvement

Journal Title: International Journal on Computer Science and Engineering - Year 2012, Vol 4, Issue 3

Abstract

Byte sequences are used in multiple network intrusion detection systems (NIDS) as signatures to detect malicious activity. Though highly competent, this approach suffers from a high false-positive rate. Here we suggest the concept of contextual signatures as an enhancement to string-based signature matching. Instead of matching isolated fixed strings, we enhance the matching process with added context. While designing a proficient signature engine for the NIDS, we provide a low-level perspective by using regular expressions for matching, and a high-level perspective by taking advantage of the semantic information made available by protocol analysis and a scripting language. In this way, we greatly augment the signatures' expressiveness and hence the ability to reduce false positives. Multiple examples are presented, such as matching requests with replies, using environmental knowledge, defining dependencies between signatures to model step-wise attacks, and recognizing exploit scans.

Authors and Affiliations

Dr. Sameer Shrivastava

How To Cite

Dr. Sameer Shrivastava (2012). Byte Level NIDS Improvement. International Journal on Computer Science and Engineering, 4(3), 348-355. https://europub.co.uk/articles/-A-140298