29 August 2002 Detection of DoS attacks using intrusion detection sensors
Author Affiliations +
Proceedings Volume 4909, Network Design and Management; (2002) https://doi.org/10.1117/12.481058
Event: Asia-Pacific Optical and Wireless Communications 2002, 2002, Shanghai, China
Abstract
Intrusion detection systems have usually been developed using large host-based components. These components impose an extra load on the system where they run (sometimes even requiring a dedicated system) and are subject to tampering or disabling by an intruder. Additionally, intrusion detection systems have usually obtained information about host behavior through indirect means, such as audit trails or network packet traces. This potentially allows intruders to modify the information before the intrusion detection system obtains it and slows down the detection and prevention of DoS attacks, making it possible for an intruder to hide his activities. In this paper we propose work that will attempt to show that it is possible to perform intrusion detection mechanism of DoS attacks using small sensors embedded in a computer system. These sensors will look for signs of specific intrusions. They will perform target monitoring by observing the behavior of the through an audit trail or other indirect means in real time while the Snort IDS running. Furthermore, by being built into the computer system it could provide a flexible alert sensor which may not impose a considerable extra load on the host they monitor.
© (2002) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Pathmenanthan Ramakrishna, Mohd Aizaini Maarof, "Detection of DoS attacks using intrusion detection sensors", Proc. SPIE 4909, Network Design and Management, (29 August 2002); doi: 10.1117/12.481058; https://doi.org/10.1117/12.481058
PROCEEDINGS
12 PAGES


SHARE
Back to Top