Publication: Symptoms-Based Network Intrusion Detection System
| dc.contributor.author | Qassim Q.S. | en_US |
| dc.contributor.author | Jamil N. | en_US |
| dc.contributor.author | Mahdi M.N. | en_US |
| dc.contributor.authorid | 36613541700 | en_US |
| dc.contributor.authorid | 36682671900 | en_US |
| dc.contributor.authorid | 56727803900 | en_US |
| dc.date.accessioned | 2023-05-29T09:10:38Z | |
| dc.date.available | 2023-05-29T09:10:38Z | |
| dc.date.issued | 2021 | |
| dc.description | Anomaly detection; Classification (of information); Computer crime; Engines; Intrusion detection; Network security; Anomaly; Centralised; Cyber-attacks; Defence mechanisms; Detection agents; Feature; Intrusion Detection Systems; Malicious activities; Network intrusion detection systems; Signature; Machine learning | en_US |
| dc.description.abstract | Protecting the network perimeters from malicious activities is a necessity and essential defence mechanism against cyberattacks. Network Intrusion Detection system (NIDS) is commonly used as a defense mechanism. This paper presents the Symptoms-based NIDS, a new intrusion detection system approach that learns the normal network behaviours through monitoring a range of network data attributes at the network and the transport layers. The proposed IDS consists of distributed anomaly detection agents and a centralised anomaly classification engine. The detection agents are located at the end nodes of the protected network, detecting anomalies by analysing network traffic and identifying abnormal activities. These agents will capture and analyse the network and the transport headers of individual packets for malicious activities. The agents will communicate with the centralised anomaly classification engine upon detecting a suspicious activity for attack prioritisation and classification. The paper presented a list of network attributes to be considered as classification features to identify anomalies. � 2021, Springer Nature Switzerland AG. | en_US |
| dc.description.nature | Final | en_US |
| dc.identifier.doi | 10.1007/978-3-030-90235-3_42 | |
| dc.identifier.epage | 494 | |
| dc.identifier.scopus | 2-s2.0-85120533415 | |
| dc.identifier.spage | 482 | |
| dc.identifier.uri | https://www.scopus.com/inward/record.uri?eid=2-s2.0-85120533415&doi=10.1007%2f978-3-030-90235-3_42&partnerID=40&md5=0708c59ddda53931ac2899890a5d4482 | |
| dc.identifier.uri | https://irepository.uniten.edu.my/handle/123456789/26447 | |
| dc.identifier.volume | 13051 LNCS | |
| dc.publisher | Springer Science and Business Media Deutschland GmbH | en_US |
| dc.source | Scopus | |
| dc.sourcetitle | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | |
| dc.title | Symptoms-Based Network Intrusion Detection System | en_US |
| dc.type | Conference Paper | en_US |
| dspace.entity.type | Publication |