You are in:Home/Publications/Agent – Based Intrusion Detection Using Hidden Markov Model

Prof. Rafat Alkmaar :: Publications:

Title:
Agent – Based Intrusion Detection Using Hidden Markov Model
Authors: Raafat A. El-Kammar, Y. H. Dakroury, Mohamed I. Sharawy, A. S. El-Nady
Year: 2007
Keywords: Not Available
Journal: Ain Shams University, Faculty of Engineering, Scientific Bulletin
Volume: 42
Issue: 1
Pages: 299-316
Publisher: Not Available
Local/International: International
Paper Link: Not Available
Full paper Not Available
Supplementary materials Not Available
Abstract:

Intrusion detection is the process of attempting to identify instances of attacks comparing current activity against the expected actions of an intruder. Most current approaches to intrusion detection involve the use of rule-based expert system to identify indications of known attacks. However, these techniques are less successful in identifying attacks which vary from the expected patterns. The proposed system shows that evidence of many of these attacks can be found by a statistical analysis of network data. It also illustrates that Hidden Markov models can efficiently detect these activities. The system is tested against denial of service attacks, distributed denial of service attacks, and port scans. Also most of the current intrusion detection systems are central in nature. In a large network with heavy traffic the amount of data to be monitored and analyzed is too huge to be processed in a central place. The proposed system introduces a novel configurable distributed agent-based architecture that overcomes the problems of central processing.

Google ScholarAcdemia.eduResearch GateLinkedinFacebookTwitterGoogle PlusYoutubeWordpressInstagramMendeleyZoteroEvernoteORCIDScopus