Active Response Model and Scheme to Detect Unknown Attacks

  • Kim, Bong-Han (Department of Computer and Information Engineering, Chongju University)
  • Kim, Si-Jung (Department of Computer Science, Chungju University)
  • Published : 2008.09.30

Abstract

This study investigates what must be considered for active response in an intrusion detection system, how active response can be implemented, and a 6-phase response model for responding actively, including an active response scheme for detecting unknown attacks that uses a traffic measuring engine together with an anomaly detection engine.
