Please use this identifier to cite or link to this item:
https://scholarbank.nus.edu.sg/handle/10635/14872
| Title: | Feedback control in intrusion detection systems | Authors: | ZHU HANLE | Keywords: | Intrusion detection system (IDS), real time detection, overload attack, network test-bed, knapsack problem, feedback. | Issue Date: | 11-Nov-2005 | Citation: | ZHU HANLE (2005-11-11). Feedback control in intrusion detection systems. ScholarBank@NUS Repository. | Abstract: | Real Time Network-based Intrusion Detection Systems (RT-IDSs) attempt to detect and respond to security violations for information systems in real time, i.e. while they are under deployment. One determinative aspect to consider when designing RT-IDSs is how to keep these IDSs functional under overload attacks. When overload attack happens, the RT-IDS becomes vulnerable to precisely timed malicious access, even if the IDS has corresponding rules capable of detecting the attack. To counteract these attacks, researchers have proposed an adaptive scheme which adjusts the rule portfolio of RT-IDS according to the feedback information from network traffic. In this thesis, the adaptive behaviors of RT-IDS are tested in a software based network test-bed. Feedback information other than network traffic is considered to decide when to configure the rule portfolio of RT-IDS. Different feedback strategies are suggested and implemented in simulation environment and their performances are compared and analyzed. | URI: | http://scholarbank.nus.edu.sg/handle/10635/14872 |
| Appears in Collections: | Master's Theses (Open) |
Show full item record
Files in This Item:
| File | Description | Size | Format | Access Settings | Version | |
|---|---|---|---|---|---|---|
| thesis_final_revised.pdf | 1.74 MB | Adobe PDF | OPEN | None | View/Download |
Google ScholarTM
Check
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.