Academic Journals Database
Disseminating quality controlled scientific knowledge

Applying Knowledge Discovery in Database Techniques in Modeling Packet Header Anomaly Intrusion Detection Systems

Author(s): Solahuddin B Shamsuddin | Mike E Woodward

Journal: Journal of Software
ISSN 1796-217X

Volume: 3
Issue: 9
Start page: 68
Date: 2008

Keywords: Anomaly | Intrusion Detection Systems | Knowledge Discovery in Database | Expert Production Rules

ABSTRACT
This paper describes the modeling of a packet header anomaly intrusion detection system. The essence of the discussion in this paper is applying knowledge discovery in database techniques to produce expert production rules, which are one of the main components of our model, which we call the Protocol based Packet Header Anomaly Detector (PbPHAD) Intrusion Detection System. PbPHAD is designed to detect the anomalous behavior of network traffic packets based on three specific network and transport layer protocols, namely UDP, TCP and ICMP, to identify the degree of maliciousness from a set of detected anomalous packets identified from the sum of statistically modeled individually rated anomalous field values.