In order to prevent the intrusion in network-based information systems effectively, it is necessary to detect the early sign in advance of intrusion. This sort of pre-alerting approach may be classified as an active prevention, since detecting the various forms of hackers' intrusion trials to know the vulnerability of systems is not missed and early cross-checked. The existing network-based anomaly detection algorithms that cope with port-scanning and the network vulnerability scans have some weakness in slow scans and coordinated scans. Therefore, a new concept of pre-alerting algorithm is especially attractive to detect effectively the various forms of abnormal accesses for the trial of intrusion regardless of the intrusion methods. In this paper, we propose a session pattern anomaly detector (SPAD) which detects the abnormal service patterns by comparing them with the ordinary normal service patterns. © Springer-Verlag Berlin Heidelberg 2006.
CITATION STYLE
Park, S. J., Park, Y. S., Choi, Y. R., & Kang, S. (2006). SPAD: A session pattern anomaly detector for pre-alerting intrusions in home network. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3983 LNCS, pp. 432–439). Springer Verlag. https://doi.org/10.1007/11751632_47
Mendeley helps you to discover research relevant for your work.