Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
448203 | Computer Communications | 2010 | 8 Pages |
Abstract
Exploit code based on system vulnerabilities is often used by attackers. Such exploit programs often send their attack packets within the first few packets. A Lightweight Network Intrusion Detection system (LNID) is proposed for detecting such attacks on Telnet traffic. It characterizes normal traffic behavior and computes the anomaly score of a packet based on its deviation from the normal behavior. Rather than processing all traffic packets, the study proposes an efficient filtering scheme that reduces system workload, so that only 0.3% of the original traffic volume is examined for anomalies. According to the performance comparisons with other network-based IDSs, LNID is the most efficient in terms of detection rate and workload reduction.
Keywords
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Chia-Mei Chen, Ya-Lin Chen, Hsiao-Chung Lin