Academic Journals Database
Disseminating quality controlled scientific knowledge

Applying Knowledge Discovery in Database Techniques in Modeling Packet Header Anomaly Intrusion Detection Systems

Author(s): Solahuddin B Shamsuddin | Mike E Woodward

Journal: Journal of Software
ISSN 1796-217X

Volume: 3;
Issue: 9;
Start page: 68;
Date: 2008;
Original page

Keywords: Anomaly | Intrusion Detection Systems | Knowledge Discovery in Database | Expert Production Rules

This paper describes packet header anomaly intrusion detection system modeling. The essence of the discussion in this paper is on applying knowledge discovery in database technique to produce expert production rules which is one of the main components of our model which we call as Protocol based Packet Header Anomaly Detector (PbPHAD) Intrusion Detection System. PbPHAD is designed to detect the anomalous behavior of network traffic packets based on three specific network and transport layer protocols namely UDP, TCP and ICMP to identify the degree of maliciousness from a set of detected anomalous packets identified from the sum of statistically modeled individually rated anomalous field values.
Save time & money - Smart Internet Solutions      Why do you need a reservation system?