The paper describes a new intrusion detection and prevention model, which is based on state machine-based formal grammar. This behavior-based model allows to detect computer attacks by means of normal network traffic modeling. The parameters of such normal network traffic are presented in a formal grammar. Each data packet that violates these parameters is considered as a part of intrusion and blocked by network filters. The described model was implemented in Intrusion Detection and Prevention System "Forpost" and successfully tested in a complex network environment. © Springer-Verlag Berlin Heidelberg 2005.
CITATION STYLE
Serdiouk, V. (2005). Behavior-based model of detection and prevention of intrusions in computer networks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3685 LNCS, pp. 380–393). https://doi.org/10.1007/11560326_29
Mendeley helps you to discover research relevant for your work.