![Using Relational Schemata in a Computer Immune System to Detect Multiple-Packet Network Intrusions](//coverdb.com/reviewSE/w100/e4f/9781249591528.jpg) |
|
Using Relational Schemata in a Computer Immune System to Detect Multiple-Packet Network Intrusions
John L. Bebo
Paperback. BiblioScholar 2012-10-09.
ISBN 9781249591528
|
|
|
Hitta bokens lägsta pris
|
Förlagets beskrivning
Given the increasingly prominent cyber-based threat, there are substantial research and development efforts underway in network and host-based intrusion detection using single-packet traffic analysis. However, there is a noticeable lack of research and development in the intrusion detection realm with regard to attacks that span multiple packets. This leaves a conspicuous gap in intrusion detection capability because not all attacks can be found by examining single packets alone. Some attacks may only be detected by examining multiple network packets collectively, considering how they relate to the "big picture, " not how they are represented as individual packets. This research demonstrates a multiple-packet relational sensor in the context of a Computer Immune System (CIS) model to search for attacks that might otherwise go unnoticed via single-packet detection methods. Using relational schemata, multiple-packet CIS sensors define "self" based on equal, less than, and greater than relationships between fields of routine network packet headers. Attacks are then detected by examining how the relationships among attack packets may lay outside of the previously defined "self." Furthermore, this research presents a graphical, user-interactive means of network packet inspection to assist in traffic analysis of suspected intrusions. The visualization techniques demonstrated here provide a valuable tool to assist the network analyst in discriminating between true network attacks and false positives, often a time-intensive, and laborious process
Liknande böcker
Recensioner
Den här boken har tyvärr inte några recensioner ännu. Om du redan läst boken, skriv en recension!
Recensera boken
Skriv en recension och dela dina åsikter med andra. Försök att fokusera på bokens innehåll. Läs våra instruktioner för mer information.
Using Relational Schemata in a Computer Immune System to Detect Multiple-Packet Network Intrusions
Bokrecensioner » Using Relational Schemata in a Computer Immune System to Detect Multiple-Packet Network Intrusions
|
|
![Using Relational Schemata in a Computer Immune System to Detect Multiple-Packet Network Intrusions](/images/background.gif) |
![Using Relational Schemata in a Computer Immune System to Detect Multiple-Packet Network Intrusions](/images/background.gif) |
|
|
|