intrusion detection systems

The Experts below are selected from a list of 52074 Experts worldwide ranked by ideXlab platform

A Wespi - One of the best experts on this subject based on the ideXlab platform.

  • A revised taxonomy for intrusion-detection systems
    Annales Des Télécommunications, 2000
    Co-Authors: Hervé Debar, Marc Dacier, A Wespi
    Abstract:

    Intrusion-detection systems aim at detecting attacks against computer systems and networks, or in general against information systems. Indeed, it is difficult to provide provably secure information systems and to maintain them in such a secure state during their lifetime and utilization. Sometimes, legacy or operational constraints do not even allow the definition of a fully secure information system. Therefore, intrusion-detection systems have the task of monitoring the usage of such systems to detect apparition of insecure states. They detect attempts and active misuse, either by legitimate users of the information systems or by external parties, to abuse their privileges or exploit security vulnerabilities. In a previous paper [Computer Networks 31, 805–822 (1999)], we introduced a taxonomy of intrusion-detection systems that highlights the various aspects of this area. This paper extends the taxonomy beyond real-time intrusion detection to include additional aspects of security monitoring, such as vulnerability assessment.

  • A revised taxonomy for intrusion-detection systems
    Annals of Telecommunications, 2000
    Co-Authors: Hervé Debar, Marc Dacier, A Wespi
    Abstract:

    Intrusion-detection systems aim at detecting attacks against computer systems and networks, or in general against information systems. Indeed, it is difficult to provide provably secure information systems and to maintain them in such a secure state during their lifetime and utilization. Sometimes, legacy or operational constraints do not even allow the definition of a fully secure information system. Therefore, intrusion-detection systems have the task of monitoring the usage of such systems to detect apparition of insecure states. They detect attempts and active misuse, either by legitimate users of the information systems or by external parties, to abuse their privileges or exploit security vulnerabilities. In a previous paper [Computer Networks 31, 805–822 (1999)], we introduced a taxonomy of intrusion-detection systems that highlights the various aspects of this area. This paper extends the taxonomy beyond real-time intrusion detection to include additional aspects of security monitoring, such as vulnerability assessment.

  • Towards a taxonomy of intrusion-detection systems
    Computer Networks, 1999
    Co-Authors: Hervé Debar, Marc Dacier, A Wespi
    Abstract:

    Intrusion-detection systems aim at detecting attacks against computer systems and networks, or against information systems in general, as it is difficult to provide provably secure information systems and maintain them in such a secure state for their entire lifetime and for every utilization. Sometimes, legacy or operational constraints do not even allow a fully secure information system to be realized at all. Therefore, the task of intrusion-detection systems is to monitor the usage of such systems and to detect the apparition of insecure states. They detect attempts and active misuse by legitimate users of the information systems or external parties to abuse their privileges or exploit security vulnerabilities. In this paper, we introduce a taxonomy of intrusion-detection systems that highlights the various aspects of this area. This taxonomy defines families of intrusion-detection systems according to their properties. It is illustrated by numerous examples from past and current projects.

Zhu Min - One of the best experts on this subject based on the ideXlab platform.

Khalil Elkhatib - One of the best experts on this subject based on the ideXlab platform.

  • Impact of feature reduction on the efficiency of wireless intrusion detection systems
    IEEE Transactions on Parallel and Distributed Systems, 2010
    Co-Authors: Khalil Elkhatib
    Abstract:

    Intrusion detection systems (IDSs) are a major line of defense for protecting network resources from illegal penetrations. A common approach in intrusion detection models, specifically in anomaly detection models, is to use classifiers as detectors. Selecting the best set of features is central to ensuring the performance, speed of learning, accuracy, and reliability of these detectors as well as to remove noise from the set of features used to construct the classifiers. In most current systems, the features used for training and testing the intrusion detection systems consist of basic information related to the TCP/IP header, with no considerable attention to the features associated with lower level protocol frames. The resulting detectors were efficient and accurate in detecting network attacks at the network and transport layers, but unfortunately, not capable of detecting 802.11-specific attacks such as deauthentication attacks or MAC layer DoS attacks. In this paper, we propose a novel hybrid model that efficiently selects the optimal set of features in order to detect 802.11-specific intrusions. Our model for feature selection uses the information gain ratio measure as a means to compute the relevance of each feature and the k-means classifier to select the optimal set of MAC layer features that can improve the accuracy of intrusion detection systems while reducing the learning time of their learning algorithm. In the experimental section of this paper, we study the impact of the optimization of the feature set for wireless intrusion detection systems on the performance and learning time of different types of classifiers based on neural networks. Experimental results with three types of neural network architectures clearly show that the optimization of a wireless feature set has a significant impact on the efficiency and accuracy of the intrusion detection system.

Hervé Debar - One of the best experts on this subject based on the ideXlab platform.

  • A revised taxonomy for intrusion-detection systems
    Annales Des Télécommunications, 2000
    Co-Authors: Hervé Debar, Marc Dacier, A Wespi
    Abstract:

    Intrusion-detection systems aim at detecting attacks against computer systems and networks, or in general against information systems. Indeed, it is difficult to provide provably secure information systems and to maintain them in such a secure state during their lifetime and utilization. Sometimes, legacy or operational constraints do not even allow the definition of a fully secure information system. Therefore, intrusion-detection systems have the task of monitoring the usage of such systems to detect apparition of insecure states. They detect attempts and active misuse, either by legitimate users of the information systems or by external parties, to abuse their privileges or exploit security vulnerabilities. In a previous paper [Computer Networks 31, 805–822 (1999)], we introduced a taxonomy of intrusion-detection systems that highlights the various aspects of this area. This paper extends the taxonomy beyond real-time intrusion detection to include additional aspects of security monitoring, such as vulnerability assessment.

  • A revised taxonomy for intrusion-detection systems
    Annals of Telecommunications, 2000
    Co-Authors: Hervé Debar, Marc Dacier, A Wespi
    Abstract:

    Intrusion-detection systems aim at detecting attacks against computer systems and networks, or in general against information systems. Indeed, it is difficult to provide provably secure information systems and to maintain them in such a secure state during their lifetime and utilization. Sometimes, legacy or operational constraints do not even allow the definition of a fully secure information system. Therefore, intrusion-detection systems have the task of monitoring the usage of such systems to detect apparition of insecure states. They detect attempts and active misuse, either by legitimate users of the information systems or by external parties, to abuse their privileges or exploit security vulnerabilities. In a previous paper [Computer Networks 31, 805–822 (1999)], we introduced a taxonomy of intrusion-detection systems that highlights the various aspects of this area. This paper extends the taxonomy beyond real-time intrusion detection to include additional aspects of security monitoring, such as vulnerability assessment.

  • Towards a taxonomy of intrusion-detection systems
    Computer Networks, 1999
    Co-Authors: Hervé Debar, Marc Dacier, A Wespi
    Abstract:

    Intrusion-detection systems aim at detecting attacks against computer systems and networks, or against information systems in general, as it is difficult to provide provably secure information systems and maintain them in such a secure state for their entire lifetime and for every utilization. Sometimes, legacy or operational constraints do not even allow a fully secure information system to be realized at all. Therefore, the task of intrusion-detection systems is to monitor the usage of such systems and to detect the apparition of insecure states. They detect attempts and active misuse by legitimate users of the information systems or external parties to abuse their privileges or exploit security vulnerabilities. In this paper, we introduce a taxonomy of intrusion-detection systems that highlights the various aspects of this area. This taxonomy defines families of intrusion-detection systems according to their properties. It is illustrated by numerous examples from past and current projects.

Ji Su Yang - One of the best experts on this subject based on the ideXlab platform.

  • ICISC - Balanced indexing method for efficient intrusion detection systems
    Lecture Notes in Computer Science, 2013
    Co-Authors: Boojoong Kang, Hye Seon Kim, Ji Su Yang
    Abstract:

    To protect a network from malicious activities, intrusion detection systems can be used. Most intrusion detection systems examine incoming packets with detection signatures to detect potential malicious packets. Because the portion of malicious packets is usually very small, it is not efficient to examine incoming packets with all signatures. In this paper, we propose a method that reduces the number of signatures to be examined and show the experimental results of our proposed method.