Trend template for intrusion detection | |
Author | Habib, Md. Ahsan |
Call Number | AIT Thesis no.ICT-07-19 |
Subject(s) | Computer security; Computer networks--Security measures |
Note | A thesis submitted in partial fulfillment of the requirements for the degree of Master of Engineering in Information & Communications Technologies, School of Engineering and Technology |
Publisher | Asian Institute of Technology |
Series Statement | Thesis ; no. ICT-07-19 |
Abstract | Computers, in conjunction with the tremendous evolution of the Internet, have been changing our lives heavily over the last couple of decades. This type of dependency includes online business transactions, e-learning, online medical activities, and what not! But computer systems themselves are not penetration-proof. There are various kinds of vulnerabilities and thousands of ways for intruders to break into a computer system. Security has been a challenge for years. Due to clear knowledge of the working principles of computer systems, novel intrusion techniques are discovered more quickly over time. At this point, the need for protection arises. Besides the security mechanisms provided by the operating system, special tools, known as Intrusion Detection Systems (IDS), are required to detect and respond to attempted attacks. Effective IDS has been a top research issue for years, and different kinds of approaches have been proposed for intrusion detection. In parallel with up-to-date security protection mechanisms, new intrusion techniques always keep up with them over time. Therefore, the best solution is questionable. Intrusion detection is a big challenge and will remain so over time. Attack detection languages provide necessary support to intrusion detection systems by offering richer descriptions of attack events. An intelligent attack event description actually solves almost half of the problem by explaining an attack signature well. Programming an intrusion detector is just a matter of time. A skilled programmer won't take more than 3 or 4 months to develop a small intrusion detector program if prototypes of attack signatures and the algorithm are available. In this thesis, an attack detection language, named Trend Template Language (TTL), was explored and improved to encode richer descriptions of computer attack events. Then an attack detection algorithm was developed which implemented those richer attack events (trends) and detected the signatures from the intrusion data. |
Year | 2007 |
Corresponding Series Added Entry | Asian Institute of Technology. Thesis ; no. ICT-07-19 |
Type | Thesis |
School | School of Engineering and Technology (SET) |
Department | Department of Information and Communications Technologies (DICT) |
Academic Program/FoS | Information and Communication Technology (ICT) |
Chairperson(s) | Phan Minh Dung; |
Examination Committee(s) | Vatcharaporn Esichaikul;Bohez, Erik L J; |
Scholarship Donor(s) | FINLAND;Asian Institute of Technology Fellowship; |
Degree | Thesis (M.Eng.) - Asian Institute of Technology, 2007 |