An attack signature model to computer security intrusion detection

Nenhuma Miniatura disponível

Data

2002-12-01

Autores

Cansian, Adriano M. [UNESP]
Da Silva, Artur R.A. [UNESP]
De Souza, Marcelo [UNESP]

Título da Revista

ISSN da Revista

Título de Volume

Editor

Resumo

Internal and external computer network attacks or security threats occur according to standards and follow a set of subsequent steps, allowing to establish profiles or patterns. This well-known behavior is the basis of signature analysis intrusion detection systems. This work presents a new attack signature model to be applied on network-based intrusion detection systems engines. The AISF (ACME! Intrusion Signature Format) model is built upon XML technology and works on intrusion signatures handling and analysis, from storage to manipulation. Using this new model, the process of storing and analyzing information about intrusion signatures for further use by an IDS become a less difficult and standardized process.

Descrição

Palavras-chave

Computer networks, Electronic document identification systems, Information analysis, Security of data, XML, Attack signature model, Intrusion detection system, Intrusion signature format, Military communications

Como citar

Proceedings - IEEE Military Communications Conference MILCOM, v. 2, p. 1368-1373.