A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is
Lecture Notes in Computer Science
Building intrusion detection model in an automatic and online way is worth discussing for timely detecting new attacks. This paper gives a scheme to automatically construct snort rules based on data captured by honeypots on line. Since traffic data to honeypots represent abnormal activities, activity patterns extracted from those data can be used as attack signatures. Packets captured by honeypots are unwelcome, but it appears unnecessary to translate each of them into a signature to use entiredoi:10.1007/978-3-540-30141-7_61 fatcat:gaiqqvxamrhylhgd6owhpszixq