Abstract
The paper introduces a model of the Cooperative System of Honeypots and Intrusion Detection System (CSHIDS). The cooperation is implemented as follows: first, the Honeypots and HoneyWall try to record various attackers' behaviors and transfer them to a Remote Log Server; second, the cooperative system divides the records into several classes using unsupervised clustering; third, the records are labeled; then attack rules are extracted from the labeled records with a decision tree; finally, the new attack rules are added to the Intrusion Detection System's rule set at a certain time interval. The purpose is to enable the Intrusion Detection System (IDS) to detect new attacks. The model's effectiveness has been confirmed by simulated experiments.
Copyright information
© 2012 Springer-Verlag GmbH Berlin Heidelberg
About this paper
Cite this paper
Qiang, Z., Yuqiang, S. (2012). The Research of a Cooperative Model Intrusion Detection System. In: Zhang, W. (eds) Advanced Technology in Teaching. Advances in Intelligent and Soft Computing, vol 163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29458-7_75
DOI: https://doi.org/10.1007/978-3-642-29458-7_75
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29457-0
Online ISBN: 978-3-642-29458-7
eBook Packages: Engineering, Engineering (R0)