Attacks Classification to Improve the Power of Snorts
Ever-increasing dependency on daily operation of computer networks has bolded the issue of how to decrease attacks and also Intrusions. The conventional algorithms of snorts mostly are evaluated as low-powered detection tools. In contrast, recent algorithms are able to detect intrusion properly. The major weakness in modern detection methods is that the power of IDS is restricted only to the network on which these intelligent algorithms are applied. This paper presents a new method to solve issues considering locality. We have classified any attacks to networks in the form of a protocol in the application layer which could be saved later in any and/or all of verified servers as rules. Thus all snorts across the inter-networks would be aware of the attack with enough details to immune itself. The major advantage of this method is that the old snorts strategies can also use possibilities of the new snorts dispersed over the network. We will evaluate this method and show that the resulted traffic is balanced across the Internet without imposing considerable overheads.
Snort Classification Rule IDS
Afshin Rezakhani Roozbahani Ramin Nassiri GolamReza Latif-Shabgahi
Department of Computer Engineering Islamic Azad University Arak, Iran Department of Computer Engineering Islamic Azad University, Central Tehran Tehran, Iran Control and Computer Dept, Electrical Faculty Power and Water Univ. of Technology Tehran, Iran
国际会议
重庆
英文
3-6
2009-12-25(万方平台首次上网日期,不代表论文的发表时间)