Performance Evaluation and Design of Intrusion Detection System Based on Immune System Model

Design and Performance Evaluation of an Intrusion Detection System Based on an Immune System Model

  • 이종성 (Distributed/Parallel Processing Laboratory, Department of Computer Engineering, Korea Aerospace University)
  • Published: 1999.09.01

Abstract

Computer security has become increasingly important because of the side effects of expanding computer networks and the rapid growth in computer use. Intrusion detection systems (IDSs) have been an active research area for reducing the risk posed by intruders. We propose a new IDS model, based on the immune system model, that consists of several computers each running an IDS. We describe the design of the model and a prototype implementation built for feasibility testing, and we evaluate the IDS's performance in terms of detection time, detection accuracy, diversity (a feature of the immune system), and system overhead. The IDSs are distributed: if any one of them detects an anomalous system call among the system call sequences generated by a privileged process, that anomalous system call can be dynamically shared with the other IDSs. This sharing improves the IDSs' immunity to new intruders.
