Symptoms-Based Network Intrusion Detection System

Anomaly detection; Classification (of information); Computer crime; Engines; Intrusion detection; Network security; Anomaly; Centralised; Cyber-attacks; Defence mechanisms; Detection agents; Feature; Intrusion Detection Systems; Malicious activities; Network intrusion detection systems; Signature; M...

Full description

Saved in:
Bibliographic Details
Main Authors: Qassim Q.S., Jamil N., Mahdi M.N.
Other Authors: 36613541700
Format: Conference Paper
Published: Springer Science and Business Media Deutschland GmbH 2023
Tags: Add Tag
No Tags, Be the first to tag this record!
id my.uniten.dspace-26447
record_format dspace
spelling my.uniten.dspace-264472023-05-29T17:10:38Z Symptoms-Based Network Intrusion Detection System Qassim Q.S. Jamil N. Mahdi M.N. 36613541700 36682671900 56727803900 Anomaly detection; Classification (of information); Computer crime; Engines; Intrusion detection; Network security; Anomaly; Centralised; Cyber-attacks; Defence mechanisms; Detection agents; Feature; Intrusion Detection Systems; Malicious activities; Network intrusion detection systems; Signature; Machine learning Protecting the network perimeters from malicious activities is a necessity and essential defence mechanism against cyberattacks. Network Intrusion Detection system (NIDS) is commonly used as a defense mechanism. This paper presents the Symptoms-based NIDS, a new intrusion detection system approach that learns the normal network behaviours through monitoring a range of network data attributes at the network and the transport layers. The proposed IDS consists of distributed anomaly detection agents and a centralised anomaly classification engine. The detection agents are located at the end nodes of the protected network, detecting anomalies by analysing network traffic and identifying abnormal activities. These agents will capture and analyse the network and the transport headers of individual packets for malicious activities. The agents will communicate with the centralised anomaly classification engine upon detecting a suspicious activity for attack prioritisation and classification. The paper presented a list of network attributes to be considered as classification features to identify anomalies. � 2021, Springer Nature Switzerland AG. Final 2023-05-29T09:10:38Z 2023-05-29T09:10:38Z 2021 Conference Paper 10.1007/978-3-030-90235-3_42 2-s2.0-85120533415 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85120533415&doi=10.1007%2f978-3-030-90235-3_42&partnerID=40&md5=0708c59ddda53931ac2899890a5d4482 https://irepository.uniten.edu.my/handle/123456789/26447 13051 LNCS 482 494 Springer Science and Business Media Deutschland GmbH Scopus
institution Universiti Tenaga Nasional
building UNITEN Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Tenaga Nasional
content_source UNITEN Institutional Repository
url_provider http://dspace.uniten.edu.my/
description Anomaly detection; Classification (of information); Computer crime; Engines; Intrusion detection; Network security; Anomaly; Centralised; Cyber-attacks; Defence mechanisms; Detection agents; Feature; Intrusion Detection Systems; Malicious activities; Network intrusion detection systems; Signature; Machine learning
author2 36613541700
author_facet 36613541700
Qassim Q.S.
Jamil N.
Mahdi M.N.
format Conference Paper
author Qassim Q.S.
Jamil N.
Mahdi M.N.
spellingShingle Qassim Q.S.
Jamil N.
Mahdi M.N.
Symptoms-Based Network Intrusion Detection System
author_sort Qassim Q.S.
title Symptoms-Based Network Intrusion Detection System
title_short Symptoms-Based Network Intrusion Detection System
title_full Symptoms-Based Network Intrusion Detection System
title_fullStr Symptoms-Based Network Intrusion Detection System
title_full_unstemmed Symptoms-Based Network Intrusion Detection System
title_sort symptoms-based network intrusion detection system
publisher Springer Science and Business Media Deutschland GmbH
publishDate 2023
_version_ 1806424500529528832
score 13.214268