A Framework of Event-Driven Detection System for Intricate Network Threats

Rongmao Chen, Linbo Qiao, Bofeng Zhang, Zhenghu Gong
2013 Proceedings of the International Conference on Computer, Networks and Communication Engineering (ICCNCE 2013)   unpublished
As network threats nowadays become more intricate and diverse, traditional intrusion detection methods face the challenge of lacking flexibility, because they are just code-actual. This paper summarizes the common correlating features exhibited by network events from the perspective of the detector, and proposes a detection framework that can be used to detect various network threats. After a static scan of the threat pattern library, it loads and initializes the data structure of threat behaviors, and then uses an event-driven scheme to process the network event streams. Finally, it logs and calls the related function to query the threat behavior states. The formal analysis shows that this framework has high flexibility and extensibility to adapt to the evolution of network threat behaviors.
doi:10.2991/iccnce.2013.138 fatcat:btwdh5cywjhhlnpcgalko6rtwy