Proceedings Article, DOI: 10.1109/ICOEI.2018.8553724

Wireless Network Security Using Intrusion Detection System

01 Apr 2018
Abstract: A major problem for networked systems is hostile trespassers. These trespassers may be users or software used by users to trespass a network. Trespasses may be in the form of authorized logon to a machine or acquisition of privileges and performance of actions beyond those that have been authorized, in the case of an authorized user. To protect these resources, we need to detect the intrusions or intended intrusions, as absolute security may not be possible. Automatic detection of attacks [1] requires some kind of machine learning approach for the detection purposes. For machine learning to be successful, the machines have to be trained for known types of attacks.


Topics: Intrusion detection system (63%), Password (52%)
References

Journal Article, DOI: 10.1109/TSE.1987.232894
Dorothy E. Denning
Abstract: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.


3,171 Citations


Journal Article, DOI: 10.1145/382912.382923
John McHugh
Abstract: In 1998 and again in 1999, the Lincoln Laboratory of MIT conducted a comparative evaluation of intrusion detection systems (IDSs) developed under DARPA funding. While this evaluation represents a significant and monumental undertaking, there are a number of issues associated with its design and execution that remain unsettled. Some methodologies used in the evaluation are questionable and may have biased its results. One problem is that the evaluators have published relatively little concerning some of the more critical aspects of their work, such as validation of their test data. The appropriateness of the evaluation techniques used needs further investigation. The purpose of this article is to attempt to identify the shortcomings of the Lincoln Lab effort in the hope that future efforts of this kind will be placed on a sounder footing. Some of the problems that the article points out might well be resolved if the evaluators were to publish a detailed description of their procedures and the rationale that led to their adoption, but other problems would clearly remain.


1,226 Citations


Open access
01 Jan 1980

1,132 Citations


Proceedings Article, DOI: 10.1109/SP.1986.10010
Dorothy E. Denning
07 Apr 1986
Abstract: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.


Topics: Intrusion detection system (60%), Expert system (55%), Vulnerability (computing) (53%)

948 Citations


Open access, Proceedings Article, DOI: 10.1109/RISP.1990.63859
L.T. Heberlein, Gihan Dias, Karl Levitt, Biswanath Mukherjee +2 more
07 May 1990
Abstract: This study concentrates on the security-related issues in a single broadcast LAN (local area network) such as Ethernet. The authors formalize various possible network attacks. Their basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, the work is similar to the host-based intrusion-detection systems. Different from such systems, however, is the use of a hierarchical model to refine the focus of the intrusion-detection mechanism. The authors also report on the development of an experimental LAN monitor currently under implementation. Several network attacks have been simulated, and results on how the monitor has been able to detect these attacks are analyzed. Initial results demonstrate that many network attacks are detectable with the authors' monitor, although it can be defeated.


Topics: Network security (65%), Network simulation (60%), Local area network (57%)

442 Citations

