Modeling protocol based packet header anomaly detector for network and host intrusion detection systems


Abstract

This paper describes an experimental protocol based packet header anomaly detector for Network and Host Intrusion Detection System modelling, which analyses the behaviour of packet header field values based on the layer 2, 3 and 4 protocol fields of the ISO OSI Seven Layer Model for Networking. Our model, which we call the Protocol based Packet Header Anomaly Detector (PbPHAD) Intrusion Detection System, is designed to detect the anomalous behaviour of network traffic packets based on three specific network and transport layer protocols, namely UDP, TCP and ICMP, to identify the degree of maliciousness from a set of detected anomalous packets, identified from the sum of statistically modelled, individually rated anomalous field values. © Springer-Verlag Berlin Heidelberg 2007.

Cite

Shamsuddin, S. B., & Woodward, M. E. (2007). Modeling protocol based packet header anomaly detector for network and host intrusion detection systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4856 LNCS, pp. 209–227). Springer Verlag. https://doi.org/10.1007/978-3-540-76969-9_14
