A case-based approach to network intrusion detection
Proceedings of the Fifth International Conference on Information Fusion. FUSION 2002. (IEEE Cat.No.02EX5997) - Volume 2 - Pages 1084-1089 vol.2
Abstract
This paper reports progress on creating a case-based implementation of the well-known Snort intrusion detection system. Snort is a simple rule-based system that is known to suffer limitations, including both failure to detect certain kinds of intrusions and the frequent raising of false alarms. We believe that a case-based reasoning approach can provide a framework in which to incorporate more sophisticated artificial intelligence techniques that will help overcome some of these limitations. In addition, the present system is intended to apply more generally to other aspects of network security, as well as other domains related to protecting the nation's critical infrastructure. The system is being built using the modern software engineering technique known as "adaptive" or "reflective architectures," which will make it easily adaptable to other kinds of problem domain.
Keywords
#Intrusion detection #Information security #Protection #Payloads #Open source software #Java #XML #Computer science #Knowledge based systems #Modems
