The architecture of a network level intrusion detection system

Abstract

This paper presents the preliminary architecture of a network level intrusion detection system. The proposed system will monitor base level information in network packets (source, destination, packet size, and time), learning the normal patterns and announcing anomalies as they occur. The goal of this research is to determine the applicability of current intrusion detection technology to the detection of network level intrusions. In particular, the authors are investigating the possibility of using this technology to detect and react to worm programs.

Keywords

MATHEMATICS
COMPUTERS
INFORMATION SCIENCE
MANAGEMENT
LAW
MISCELLANEOUS
COMPUTER NETWORKS
INTRUSION DETECTION SYSTEMS
SECURITY
COMPUTER ARCHITECTURE
EXPERT SYSTEMS
COMPUTER CODES

This publication has 0 references indexed in Scilit: