Please use this identifier to cite or link to this item:
https://repository.cihe.edu.hk/jspui/handle/cihe/1291
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Chan, Anthony Hing-Hung | en_US |
dc.contributor.other | Barry, B. I. A. | - |
dc.date.accessioned | 2021-08-13T09:13:19Z | - |
dc.date.available | 2021-08-13T09:13:19Z | - |
dc.date.issued | 2009 | - |
dc.identifier.uri | https://repository.cihe.edu.hk/jspui/handle/cihe/1291 | - |
dc.description.abstract | Signature-based intrusion detection systems (IDSs) have the advantages of producing a lower false alarm rate and using less system resources compared to anomaly based systems. However, they are susceptible to obfuscation used by attackers to introduce new variants of the attacks stored in the database. Some of the disadvantages of signature-based IDSs can be attributed to the fact that they are mostly purely syntactic and ignore the semantics of the monitored systems. In this paper, we present the design and implementation of a signature database that assists a Specification-based IDS in a converged environment. Our design is novel in terms of considering the semantics of the monitored protocols alongside their syntax. Our protocol semantics awareness is based on the state transition analysis technique which models intrusions at a high level using state transition diagrams. The signature database is hierarchically designed to insure a balance between ease of use and fast retrieval in real time. The database prototype is tested against some implemented attacks and shows promising efficiency. | en_US |
dc.language.iso | en | en_US |
dc.publisher | Wiley | en_US |
dc.relation.ispartof | Security and Communication Networks | en_US |
dc.title | Syntax and semantics-based signature database for hybrid intrusion detection systems | en_US |
dc.type | journal article | en_US |
dc.identifier.doi | 10.1002/sec.77 | - |
dc.contributor.affiliation | School of Computing and Information Sciences | en_US |
dc.relation.issn | 1939-0122 | en_US |
dc.description.volume | 2 | en_US |
dc.description.issue | 6 | en_US |
dc.description.startpage | 457 | en_US |
dc.description.endpage | 475 | en_US |
dc.cihe.affiliated | No | - |
item.languageiso639-1 | en | - |
item.fulltext | With Fulltext | - |
item.openairetype | journal article | - |
item.grantfulltext | open | - |
item.openairecristype | http://purl.org/coar/resource_type/c_6501 | - |
item.cerifentitytype | Publications | - |
crisitem.author.dept | Yam Pak Charitable Foundation School of Computing and Information Sciences | - |
crisitem.author.orcid | 0000-0001-7479-0787 | - |
Appears in Collections: | CIS Publication |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
View Online | 79 B | HTML | View/Open |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.