High-Speed Network Intrusion Detection Research

Posted on: 2008-08-04
Degree: Master
Type: Thesis
Country: China
Candidate: L T Lin
Full Text: PDF
GTID: 2178360215475379
Subject: Computer application technology
Abstract/Summary:
Intrusion detection systems (IDS) are combinations of software and hardware that automate the process of monitoring the events occurring in a computer system or network and analyzing them for signs of security problems. As network attacks have increased in number and severity over the past few years, intrusion detection systems have become a necessary addition to the security infrastructure of most organizations.

Network-based intrusion detection systems (NIDS) use raw network packets as the data source and analyze all traffic in real time as it travels across the network. Current IDS work focuses on network-based IDS rather than host-based IDS. NIDS have great difficulty keeping up with the rapid growth of network bandwidth. This paper designs a network intrusion detection system for high-speed networks. It implements some new designs to overcome the faults of past systems and to detect attacks more accurately and efficiently.

This paper applies the theory of stratified sampling to IDS. The resulting system is divided into two parts: the Anomalous Intrusion Detection Module and the Sampling Module. The Anomalous Intrusion Detection Module adopts a detection model based on Outlier Analysis and the Character Distribution algorithm. It first computes the character distribution of the network packet payloads and derives from it an anomalous scale, which serves as a parameter in the Sampling Module to guide stratification. The Sampling Module filters the valuable sample out of the high-speed network packets according to the anomalous scale obtained earlier. The Intrusion Detection Module then runs detection on the sample, which reflects the features of the total traffic.

After an overview of intrusion detection systems, this paper mainly describes Outlier Analysis and the Character Distribution algorithm in the Anomalous Intrusion Detection Module, and the stratification strategy and the within-stratum sampling method in the Sampling Module. Based on these, this paper designs and implements a real intrusion detection system. Tests on the DARPA 1999 IDS evaluation dataset show that the system can effectively accelerate detection.
Keywords/Search Tags: intrusion detection, high-speed network, stratified sampling, outlier detection, character distribution
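The pipeline the abstract describes (payload character distribution, then an anomalous scale, then stratified sampling) can be sketched as follows. This is an added example, not code from the thesis. The distance metric (a simplified Mahalanobis distance), the stratum thresholds, the sampling rates and the payloads are all assumptions made for illustration.

```python
import math
import random
from collections import Counter

# Constructed sample payloads (not taken from the DARPA 1999 dataset).
BASELINE = [b"GET /index.html HTTP/1.0\r\nHost: example.test\r\n\r\n",
            b"GET /images/logo.gif HTTP/1.0\r\nAccept: */*\r\n\r\n",
            b"POST /login HTTP/1.0\r\nContent-Length: 27\r\n\r\nuser=alice"]

def byte_dist(payload):
    """Relative frequency of each of the 256 byte values in a payload."""
    counts = Counter(payload)
    n = max(len(payload), 1)
    return [counts.get(b, 0) / n for b in range(256)]

def train(payloads):
    """Per-byte mean and standard deviation over the baseline payloads."""
    dists = [byte_dist(p) for p in payloads]
    mean = [sum(col) / len(dists) for col in zip(*dists)]
    std = [math.sqrt(sum((x - m) ** 2 for x in col) / len(dists))
           for col, m in zip(zip(*dists), mean)]
    return mean, std

def anomaly_scale(payload, model, alpha=0.001):
    """Assumed metric: simplified Mahalanobis distance to the baseline.
    alpha smooths byte values whose baseline deviation is zero."""
    mean, std = model
    return sum(abs(x - m) / (s + alpha)
               for x, m, s in zip(byte_dist(payload), mean, std))

# Assumed strata: (lower score bound, sampling rate), most anomalous first.
STRATA = [(500.0, 1.0), (100.0, 0.5), (0.0, 0.1)]

def stratum_of(score):
    """Index of the first stratum whose lower bound the score reaches."""
    return next(i for i, (low, _) in enumerate(STRATA) if score >= low)

def sample(packets, model, rng):
    """Keep each packet with the sampling rate of its stratum, so the
    detection engine sees every outlier but only a fraction of the rest."""
    kept = []
    for p in packets:
        s = stratum_of(anomaly_scale(p, model))
        if rng.random() < STRATA[s][1]:
            kept.append((s, p))
    return kept
```

Passing a seeded `random.Random` to `sample` makes a run reproducible. The top stratum's rate of 1.0 means high-scoring payloads always reach the detection engine.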