Multi-level intrusion detection system (ML-IDS)

Youssif Al-Nashif, Aarthi Arun Kumar, Salim Hariri, Guangzhi Qu, Yi Luo, Ferenc Szidarovsky

Research output: Chapter in Book/Report/Conference proceedingConference contribution

50 Scopus citations

Abstract

As the deployment of network-centric systems increases, network attacks are proportionally increasing in intensity as well as complexity. Attack detection techniques can be broadly classified as being signature-based, classification-based, or anomaly-based. In this paper we present a multi level intrusion detection system (ML-IDS) that uses autonomic computing to automate the control and management of ML-IDS. This automation allows ML-IDS to detect network attacks and proactively protect against them. ML-IDS inspects and analyzes network traffic using three levels of granularities (traffic flow, packet header, and payload), and employs an efficient fusion decision algorithm to improve the overall detection rate and minimize the occurrence of false alarms. We have individually evaluated each of our approaches against a wide range of network attacks, and then compared the results of these approaches with the results of the combined decision fusion algorithm.

Original languageEnglish (US)
Title of host publication5th International Conference on Autonomic Computing, ICAC 2008
Pages131-140
Number of pages10
DOIs
StatePublished - 2008
Event5th International Conference on Autonomic Computing, ICAC 2008 - Chicago, IL, United States
Duration: Jun 2 2008Jun 6 2008

Publication series

Name5th International Conference on Autonomic Computing, ICAC 2008

Other

Other5th International Conference on Autonomic Computing, ICAC 2008
Country/TerritoryUnited States
CityChicago, IL
Period6/2/086/6/08

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Hardware and Architecture
  • Software
  • Control and Systems Engineering

Fingerprint

Dive into the research topics of 'Multi-level intrusion detection system (ML-IDS)'. Together they form a unique fingerprint.

Cite this