The Research of a Cooperative Model Intrusion Detection System

Qiang, Zhu; Yuqiang, Shun

doi:10.1007/978-3-642-29458-7_75

Zhu Qiang² &
Shun Yuqiang³

Part of the book series: Advances in Intelligent and Soft Computing ((AINSC,volume 163))

1257 Accesses

Abstract

The paper introduces a model of the Cooperative System of Honeypots and Intrusion Detection System (CSHIDS). The method of implementing the cooperation is: firstly, the Honeypots and HoneyWall try to record various attackers’ behaviors and transfer them to Remote Log Server, secondly, the cooperative system divides the records into several classes by using the way of Unsupervised Clustering; thirdly, make the records labeled; and then extract attack-rules from the labeled records by Decision Tree; at last, add the new attack-rules to the Intrusion Detection System’s rule-set in a certain time interval. The purpose is that Intrusion Detection System (IDS) can detect the new attacks. This model’s effectiveness has been confirmed by the simulated experiments.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Axeisson, S.: Intrusion detection systems: A survey and taxonomy. Technical Report 99-15, Department of Computer Engineering, Chalmers University, Mnreh (2000)
Google Scholar
Han, S.-J., Cho, S.-B.: Detecting intrusion with rule-based integration of multiple models. Computers & Security 22(7), 613–623 (2003)
Article Google Scholar
Spitzner, L.: Honeypots: Definitions and Value of Honeypots, 5 (2003), http://www.trackinghackers.com/papers/honeypots.html
Gubbels, K.: Hands in the Koneypot, 3 (2002), http://www.sans.org/rr/wh1tepapers/detection/365.php
Honeypots Solutions: So you want to build your own honeypot, http://www.tracking-hackers.com/solutions/
Honeynet Project: Know YoLtr Enemy: Honeynets, http://www.honeynet.org
Luo, M., Wang, L., Zhang, H.: An Unsupervised Clustering-Based Intrusion Detection Method. Acta Electronica Sinica 31(11), 1713–1716 (2003)
Google Scholar
Jiawei, H., Kamber, M.: Data Mining Concept and Technique. China Machine Press, Beijing (2001)
Google Scholar
Wang, P.: Fuzzy Sets and Application. Shanghai scientific & Technical Publishers (1983)
Google Scholar
Honeynet Project. Know Your Enemy: Genll Honeynets (November 3, 2003), http://project.honeynet.org/papers/gen2/index.html
Richard Stevens, W.: TCP/IP illustrated Volumel: The Protocois. China Machine Press, Beijing (2000)
Google Scholar

Download references

Author information

Authors and Affiliations

Zhejiang Institute of Communication and Media, Hangzhou, P.R. China
Zhu Qiang
Changzhou University, Changzhou, P.R. China
Shun Yuqiang

Authors

Zhu Qiang
View author publications
You can also search for this author in PubMed Google Scholar
Shun Yuqiang
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zhu Qiang .

Editor information

Editors and Affiliations

172 Zhuodaoquan Road, Wuhan, 430079, China, People's Republic
Wei Zhang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Qiang, Z., Yuqiang, S. (2012). The Research of a Cooperative Model Intrusion Detection System. In: Zhang, W. (eds) Advanced Technology in Teaching. Advances in Intelligent and Soft Computing, vol 163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29458-7_75

Download citation

DOI: https://doi.org/10.1007/978-3-642-29458-7_75
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29457-0
Online ISBN: 978-3-642-29458-7
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics