- Title
- Self-learning framework for intrusion detection
- Creator
- Venkatraman, Sitalakshmi
- Date
- 2010
- Type
- Text; Conference proceedings
- Identifier
- http://researchonline.federation.edu.au/vital/access/HandleResolver/1959.17/33716
- Identifier
- vital:4677
- Abstract
- Present intrusion detection systems (IDS) in both network (NIDS) and host (HIDS) lack the ability to sense signs of intrusions at early stages of attacks, much before any damage occurs. They are unable to cope with new attacking strategies as they predominantly rely on matching patterns of known behaviour (known signatures). In addition, they are unable to take automatic action in the event of multiple intrusions as they typically resort to manual or semi-manual identification mechanisms that are either network-based or host-based separately, rather than collectively. Hence, there is no need for more research to focus on i) automatically identifying new possible intrusions through self-learning methods in order to address zero-day attacks and ii) integrating observed anomalies from NIDS as well as HIDS. With these two objectives, this paper presents a framework that postulates a self-learning monitoring mechanism with the aid of agents to integrate existing knowledge with new observed behaviour patterns gathered from network and host collectively. It also illustrates the working of an agent-based self-learning mechanism in detecting intrusions effectively.
- Publisher
- Singapore IRAST
- Rights
- This metadata is freely available under a CC0 license
- Subject
- Malicious attacks; Intrusion detection systems; Self-learning; Collaborative agents