Network-based Intrusion Detection Systems aim to detect malicious activities by inspecting network traffic. As network link speeds and traffic volume have grown over the last years, payload-based analysis has become difficult, leading to the development of alternative approaches based on flow-based analysis. Although each approach alone suffers from a set of drawbacks, a few experiments with hybrid approaches show potential for synergies. This work analyses these drawbacks in order to develop a conceptual framework for hybrid approaches, integrating the two concepts in a way that compensates for their respective weaknesses. © 2008 Springer-Verlag Berlin Heidelberg.
Schaffrath, G., & Stiller, B. (2008). Conceptual integration of flow-based and packet-based network intrusion detection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5127 LNCS, pp. 190–194). https://doi.org/10.1007/978-3-540-70587-1_17