
Active Response Model and Scheme to Detect Unknown Attacks  

Kim, Bong-Han (Department of Computer and Information Engineering, Chongju University)
Kim, Si-Jung (Dept. of Computer Science, Chungju University)
Abstract
This study investigates what to consider for active response in an intrusion detection system, how to implement active response, and 6-phase response models for responding actively, including an active response scheme that detects unknown attacks by using a traffic measuring engine and an anomaly detection engine.
Keywords
Active response; Anomaly detection; Intrusion detection; Unknown attack