Journal: International Journal of Advanced Research In Computer Science and Software Engineering
Print ISSN: 2277-6451
Electronic ISSN: 2277-128X
Year of publication: 2012
Volume: 2
Issue: 5
Publisher: S.S. Mishra
Abstract: Intrusion Detection Systems (IDS) used today suffer from several shortcomings in the presence of complex and unknown attacks. Hence, in this paper a Snort based hybrid Intrusion Detection System with automatic signature generation is investigated. The problem of unknown attacks with IDS is solved using anomaly detection. Entropy is one of the well known detection techniques used in intrusion detection. In this work, a system is designed with the help of an entropy based technique and integrated with the real time system Snort (a signature based technique) so that it can have the advantages of both techniques. A feature extraction system is designed which can be used for calculating the important features for which entropy can be calculated for anomaly detection. Another issue of IDS, the hectic amount of alert data, has also been addressed by developing an alert unification system which comprises alert ranking and reduction systems. The alert reduction system is used to efficiently unify alerts generated by the hybrid IDS, whereas the alert ranking system is used to give ranks to those alerts according to their importance.
Keywords: Snort; entropy; anomaly detection; alert unification; ranking