Universiti Teknologi Malaysia Institutional Repository

Detection of DoS attacks using intrusion detection sensors

Maarof, Mohd. Aizaini and Pathemanthan, Ramakrishna (2002) Detection of DoS attacks using intrusion detection sensors. In: Proceedings of SPIE - The International Society for Optical Engineering , 18-20 Aug 2009, Xi'An China, China.

Full text not available from this repository.

Official URL: http://dx.doi.org/10.1117/12.481058


Intrusion detection systems have usually been developed using large host-based components. These components impose an extra load on the system where they run (sometimes even requiring a dedicated system) and are subject to tampering or disabling by an intruder. Additionally, intrusion detection systems have usually obtained information about host behavior through indirect means, such as audit trails or network packet traces. This potentially allows intruders to modify the information before the intrusion detection system, obtains it and slows down the detection and prevention of DoS attacks, making it possible for an intruder to hide his activities. In this paper we propose work that will attempt to show that it is possible to perform intrusion detection mechanism of DoS attacks using small sensors embedded in a computer system. These sensors will look for signs of specific intrusions. They will perform target monitoring by observing the behavior of the through an audit trail or other indirect means in real time while the Snort IDS running. Furthermore, by being built into the computer system it could provide a flexible alert sensor which may not impose a considerable extra load on the host they monitor.

Item Type:Conference or Workshop Item (Paper)
Uncontrolled Keywords:audit trail, DoS, intrusion detection, sensors, SNORT
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System
ID Code:7364
Deposited By: Maznira Sylvia Azra Mansor
Deposited On:02 Jan 2009 07:41
Last Modified:23 Jul 2017 03:15

Repository Staff Only: item control page