Effective allied network security system based on designed scheme with conditional legitimate probability against distributed network attacks and intrusions

International Journal of Communication Systems

Volumn 25, Issue 5, 2012, Pages 672-688

  Chen, Ruey Maw ^a   Hsieh, Kuo Ta ^a  

^a NATIONAL CHIN YI UNIVERSITY OF TECHNOLOGY   (Taiwan)

Author keywords

allied DIPS; conditional legitimate probability; firewall; IDS; IPS

Indexed keywords

ACTIVITY PROBLEM; ALLIED DIPS; ANOMALY DETECTION; DETECTION ACCURACY; DISTRIBUTED DENIAL OF SERVICE ATTACK; DISTRIBUTED NETWORKS; FALSE NEGATIVES; FALSE POSITIVE; FIREWALL; IDS; INTERNET SECURITY; INTRUSION PREVENTION SYSTEMS; INTRUSION SIGNATURES; IPS; MISUSE DETECTION; NETWORK INTRUSION DETECTION SYSTEMS; NETWORK TRAFFIC; REAL NETWORKS;

INTERNET; INTRUSION DETECTION; NETWORK SECURITY; PROBABILITY;

COMPUTER CRIME;

EID: 84860700540     PISSN: 10745351     EISSN: 10991131     Source Type: Journal    
DOI: 10.1002/dac.1289     Document Type: Article

References (38)

1. Deng DJ, Chang LW, Ke CH, Huang YM, Chang JM,. Delay constrained up-link scheduling policy for rtPS/ertPS Service in IEEE 802.16e BWA Systems. International Journal of Communication Systems 2009; 22 2: 119-133.
2. Su BL, Wang MS, Huang YM,. Localized and load-balanced clustering for energy saving in wireless sensor networks. International Journal of Communication Systems 2008; 21 8: 799-814.
3. Huang YM, Hsieh MY, Chao HC, Hung SH, Park JH,. Pervasive, Secure Access to a Hierarchical-based Healthcare Monitoring Architecture in Wireless Heterogeneous Sensor Networks. IEEE Journal on Selected Areas in Communications 2009; 27 4: 400-411.
4. Wikipedia. Firewall (computing). Available from: [Apr. 2008].
5. The FreeBSD Documentation Project. FreeBSD Handbook. Available from: [June 2009].
6. Kazienko P, Dorosz P,. Intrusion Detection Systems (IDS) Part I-(network intrusions; attack symptoms; IDS tasks; and IDS architecture). Available from: [Nov. 2008].
7. Wikipedia. Intrusion detection system. Available from: [Apr. 2009].
8. Lazarevic A, Ertoz L, Kumar V, Ozgur A, Srivastava J,. A comparative study of anomaly detection schemes in network intrusion detection, Proceedings of Third SIAM Conference on Data Mining, May 2003.
9. Ulvila JW, JGaffney JE,. Evaluation of intrusion detection systems. Journal of Research of the National Institue of Standard and Technology 2003; 108 6: 453-473.
10. Fuchsberger A,. Intrusion detection systems and intrusion prevention systems. Information Security Technical Report 2005; 10 3: 134-139. (Pubitemid 41550372)
11. Zhang X, Li C, Zheng W,. Intrusion prevention system design, The Fourth International Conference on Computer and Information Technology,14-16 September 2004.
12. Xu D, Ning P,. Correlation analysis of intrusion alerts, In Intrusion Detection Systems, (Vol. 38 of Advances in Information Security), Pietro R, Mancini L, (eds), Springer, Berlin, (2008; 65-92. ISBN 978-0-387-77265-3
13. Ning P, Xu D,. Toward automated intrusion alert analysis, In Network Security, Huang S, Du D, MacCallum D, (eds), Springer, Berlin, 2010. ISBN 978-0-387-73820-8
14. Cuppens-Boulahia N, Cuppens F, Vergara JEL, Vazquez E, Guerra J, Debar H,. An ontology-based approach to react to network attacks, Third International Conference on Risk and Security of Internet and Systems, Tozer, Tunisia, October 2008.
15. Morin B, Mé L, Debar H, Ducassé M,. A logic-based model to support alert correlation in intrusion detection. Information Fusion 2009; 10 4: 285-299.
16. Viinikka J, Debar H, Me L, Lehikoinen A, Tarvainen M,. Processing intrusion detection alert aggregates with time series modeling. Information Fusion 2009; 10 4: 312-324.
17. Xu D, Ning P,. A flexible approach to intrusion alert anonymization and correlation, Securecomm and Workshops,28 August-1 September 2006; 1-10.
18. Ning P, Xu D, Healey C, Amant RS,. Building attack scenarios through integration of complementary alert correlation methods, In Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS 2004), Internet Society, Reston, VA, 2004; 97-111.
19. Basicevic F, Popovic M, Kovacevic V,. The use of distributed network-based IDS systems in detection of evasion attacks, Advance Industrial Conference on Telecommunications/Service Assurance with Partial and Intermittent Resources Conference/E-learning on Telecommunications Workshop,17-20 July 2005; 78-82. (Pubitemid 44739797)
20. Chaboya D, Raines R, Baldwin R, Mullins B,. Network intrusion detection: automated and manual methods prone to attack and evasion. Journal of IEEE Security & Privacy 2006; 8 6: 36-43. (Pubitemid 44925870)
21. Cuppens F, Miege A,. Alert correlation in a cooperative intrusion detection framework, Proceedings of 2002 IEEE Symposium on Security and Privacy, 2002; 202-215. (Pubitemid 34648114)
22. Ke CH, Li B, Huang YM, Chang JM,. Enhanced high performance distributed coordination function for IEEE 802.11 multi-rate LANs. International Journal of Communication Systems 2008; 22 8: 1045-1061.
23. Hsu CH, Park JH, Yang LT, Freire M,. Secure communications and data management in ubiquitous services. International Journal of Communication Systems 2009; 22 9: 1065-1068.
24. The FreeBSD Foundation. FreeBSD The Power to Serve. Available from: [Sep. 2008].
25. Janakiraman R, Waldvogel M, Zhang Q,. Indra: a peer-to-peer approach to network intrusion detection and prevention, 12th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises,9-11 June 2003; 226-231.
26. Koller R, Rangaswami R, Marrero J, Hern J, Smith G, Barsilai Y, Necula S, Sadjadi SM, Li T, Merrill K,. Anatomy of a real-time intrusion prevention system,International Conference on Autonomic Computing; 151-160. 2-6 June 2008.
27. Kim Y, Lau WC, Chuah MC, Chao HJ,. Packetscore: statistics-based overload control against distributed denial-of-service attacks. INFOCOM 2004; 4: 2594-2604.
28. MIT Lincoln Laboratory. Information Systems Technology. Available from: [Sep. 2008].
29. Wuu LC, Chen YH, Ma CC, Lung IT,. A Practice of the Intrusion Prevention System, TENCON-2007 IEEE Region 10 Conference,30 October-2 November 2007; 1-4.
30. The Wireshark team. Wireshark User's Guide. Available from: http://www.wireshark.org/docs/[Jan. 2009].
31. Gordon Lyon,. Nmap. Available from: http://nmap.org/docs.html[Jan. 2009].
32. XFOCUS Team. tfn2k.gz. Available from: http://www.xfocus.net/tools/ 200405/697.html[Dec. 2008].
33. Mixter. tfn2k use and countermeasures. Available from: http://fanqiang.chinaunix.net/a5/b6/20010419/130342-b.html[Dec. 2008].
34. Mixter. Tribe Flood Network. Available from: http://en.wikipedia.org/ wiki/tribe-flood-network[Dec. 2008].
35. Brugger ST, Chow J,. An assessment of the DARPA IDS Evaluation Dataset Using Snort, Technical Report CSE-2007-1, University of California Davis, Davis, CA, (6 January 2007).
36. Zhang D, Leckie C,. An evaluation technique for network intrusion detection systems, In Proceedings of the 1st International Conference on Scalable Information Systems (Vol. 152 of ACM International Conference Proceeding Series of Infoscale), ACM, New York, NY, 2006; 23-33.
37. Kendall K,. A database of computer attacks for the evaluation of intrusion detection systems, Master Thesis, Massachussetts Institute of Technology, 1999.
38. Lippmann RP, Fried DJ, Graf I, Haines JW, Kendall JR, McClung D, Weber D, Webster SE, Wyschogrod D, Cunningham RK, Zissman MA,. Evaluating intrusion detection systems: the 1998 DARPA off-line intrusion detection evaluation, Proceedings on DARPA Information Survivability Conference and Exposition, Hilton Head, SC, 25-27 January 2000; 12-26.