Anomaly Detection Model based on Network using the Session Patterns 


Vol. 11,  No. 6, pp. 719-724, Dec.  2004
10.3745/KIPSTC.2004.11.6.719


PDF
  Abstract

Recently, since the number of internet users is increasing rapidly and, by using the public hacking tools, general network users can intrude computer systems easily, the hacking problem is getting more serious. In order to prevent the intrusion, it is needed to detect the sign in advance of intrusion in a positive prevention by detecting the various forms of hackers' intrusion trials to know the vulnerability of systems. The existing network-based anomaly detection algorithms that cope with port-scanning and the network vulnerability scans have some weakness in intrusion detection. they can not detect slow scans and coordinated scans. therefore, the new concept of algorithm is needed to detect effectively the various forms of abnormal accesses for intrusion regardless of the intrusion methods. In this paper, SPAD(Session Pattern Anomaly Detector) is presented, which detects the abnormal service patterns by comparing them with the ordinary normal service patterns.

  Statistics
  Cite this article

[IEEE Style]

S. J. Park and Y. R. Choi, "Anomaly Detection Model based on Network using the Session Patterns," The KIPS Transactions:PartC, vol. 11, no. 6, pp. 719-724, 2004. DOI: 10.3745/KIPSTC.2004.11.6.719.

[ACM Style]

Soo Jin Park and Yong Rak Choi. 2004. Anomaly Detection Model based on Network using the Session Patterns. The KIPS Transactions:PartC, 11, 6, (2004), 719-724. DOI: 10.3745/KIPSTC.2004.11.6.719.

Forms

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)

Old Journals

Indexing

All publications of TKIPS is indexed in DOI, EBSCO, Google Scholar, Crossref, and CrossCheck.

TKIPS is also selected as the Journal for Accreditation by NRF (National Research Foundation of Korea).

Related Journals