CONDOR: A hybrid IDS to offer improved intrusion detection
Abstract:
Intrusion Detection Systems are an accepted and very useful option to monitor, and detect malicious activities. However, Intrusion Detection Systems have inherent limitations which lead to false positives and false negatives; we propose that combining signature and anomaly based IDSs should be examined. This paper contrasts signature and anomaly-based IDSs, and critiques some proposals about hybrid IDSs with signature and heuristic capabilities, before considering some of their contributions in order to include them as main features of a new hybrid IDS named CONDOR (COmbined Network intrusion Detection ORientate), which is designed to offer superior pattern analysis and anomaly detection by reducing false positive rates and administrator intervention. © 2012 IEEE.
Año de publicación:
2012
Keywords:
- hybrid
- Anomaly
- Ids
- false positive
- Signature
- intrusion detection
- false negative
- NIDS
Fuente:
scopus
googleTipo de documento:
Conference Object
Estado:
Acceso restringido
Áreas de conocimiento:
- Ciencias de la computación
Áreas temáticas:
- Programación informática, programas, datos, seguridad
- Lingüística
- Ingeniería y operaciones afines
