Automated Technique for Debugging Network Intrusion Detection Systems

@article{Nehinbe2010AutomatedTF,
  title={Automated Technique for Debugging Network Intrusion Detection Systems},
  author={Joshua Ojo Nehinbe},
  journal={2010 International Conference on Intelligent Systems, Modelling and Simulation},
  year={2010},
  pages={362-367}
}
Signature-based Intrusion Detection Systems have numerous redundant rules that do not match network attacks during intrusion detections. Instead, the toolkits have low efficacies in matching each packet with all the detection rules to avoid false positives. Unfortunately, there are no automatic functionalities to debug expert systems so that all noisy signatures and rules set that trigger false alerts are isolated. Hence, heuristic methods are wrongly applied in realistic networks. Consequently… CONTINUE READING

Citations

Publications citing this paper.
SHOWING 1-2 OF 2 CITATIONS

References

Publications referenced by this paper.
SHOWING 1-10 OF 20 REFERENCES

An analysis of the 1999 DARPA / Lincoln Laboratory Evaluation Data for Network Anomaly Detection , proceeds of DAID 2003

  • P. K. Chan
  • 2009

Nehinbe, “A Simple Method for Improving Intrusion Detections in Corporate Networks

  • J O.
  • International Conference on Information Security…
  • 2009
1 Excerpt

Improving the quality of alerts with correlation in intrusion detection ”

  • A. Mezrioui
  • International Journal of Computer Science and…
  • 2007

Mezrioui, “Improving the quality of alerts with correlation in intrusion detection

  • A.L.S. Fatima
  • International Journal of Computer Science and…
  • 2007

Seagren, “Snort: IDS and IPS Toolkit

  • R. Alder, A. R. Baker, +5 authors E.S.R. Marty
  • Syngress publishing,
  • 2007
3 Excerpts

Similar Papers

Loading similar papers…