Please use this identifier to cite or link to this item: https://scholarbank.nus.edu.sg/handle/10635/39721
DC FieldValue
dc.titleAutomatic scheme to construct Snort rules from honeypots data
dc.contributor.authorLi, X.
dc.contributor.authorLiu, D.
dc.date.accessioned2013-07-04T07:48:03Z
dc.date.available2013-07-04T07:48:03Z
dc.date.issued2005
dc.identifier.citationLi, X.,Liu, D. (2005). Automatic scheme to construct Snort rules from honeypots data. Journal of Systems Engineering and Electronics 16 (2) : 466-470. ScholarBank@NUS Repository.
dc.identifier.issn16711793
dc.identifier.urihttp://scholarbank.nus.edu.sg/handle/10635/39721
dc.description.abstractA scheme to construct signatures automatically for Snort from the data captured by honeypots is presented. With this scheme intrusion detection systems can be quickly updated to detect new intrusions soon when happen. The idea is based on the observation that any traffic to and from honeypots represents abnormal activities, so data patterns extracted from these packets can be used by misuse detection system to identify new attacks. The algorithm of constructing rules is discussed. Experiment illustrates the effectiveness of the scheme.
dc.sourceScopus
dc.subjectHoneypot
dc.subjectIntrusion detection
dc.subjectSignature constructing
dc.subjectSnort
dc.typeArticle
dc.contributor.departmentCOMPUTER SCIENCE
dc.description.sourcetitleJournal of Systems Engineering and Electronics
dc.description.volume16
dc.description.issue2
dc.description.page466-470
dc.description.codenJSEEF
dc.identifier.isiutNOT_IN_WOS
Appears in Collections:Staff Publications

Show simple item record
Files in This Item:
There are no files associated with this item.

Page view(s)

115
checked on Jan 20, 2022

Google ScholarTM

Check


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.