The prevention threat of behavior-based signature using pitcher flow architecture
In recent years, Intrusion Prevention System (IPS) has been widely implemented to prevent suspicious threats. Unlike the traditional Intrusion Detection System, IPS has additional features to secure the computer network system. IPS is an access control device with a prevention function, which enforc...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IJCSNS
2010
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/39151/2/20100443.pdf http://eprints.utm.my/id/eprint/39151/ http://paper.ijcsns.org/07_book/201004/20100443.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Teknologi Malaysia |
| Language: | English |
| id |
my.utm.39151 |
|---|---|
| record_format |
eprints |
| spelling |
my.utm.391512017-02-15T01:59:04Z http://eprints.utm.my/id/eprint/39151/ The prevention threat of behavior-based signature using pitcher flow architecture Stiawan, Deris Abdullah, Abdul Hanan Idris, Mohd. Yazid QA75 Electronic computers. Computer science In recent years, Intrusion Prevention System (IPS) has been widely implemented to prevent suspicious threats. Unlike the traditional Intrusion Detection System, IPS has additional features to secure the computer network system. IPS is an access control device with a prevention function, which enforces a network security policy, is a helpful device that allows for more granular blocking action. In this paper, we propose a new prediction and prevention method with behavior-based detection, this method is called pitcher flow. We describes the habitual activity of the performance an overall network with a new algorithm for identifying and recognizing the normal behavior of user activities in the internal network. First, we define behavior activity by duration of activity conducted and active connection. Second, we categorize packets into class/type, identifying parameters by classifying the packets. Finally, we use the pitcher flow mechanism to identify and recognize suspicious threats. This paper also describes an algorithm for the complexity of the suspicious response. IJCSNS 2010-04 Article PeerReviewed text/html en http://eprints.utm.my/id/eprint/39151/2/20100443.pdf Stiawan, Deris and Abdullah, Abdul Hanan and Idris, Mohd. Yazid (2010) The prevention threat of behavior-based signature using pitcher flow architecture. International Journal of Computer Science and Network Security, 10 (4). pp. 289-294. ISSN 1738-7906 http://paper.ijcsns.org/07_book/201004/20100443.pdf |
| institution |
Universiti Teknologi Malaysia |
| building |
UTM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Teknologi Malaysia |
| content_source |
UTM Institutional Repository |
| url_provider |
http://eprints.utm.my/ |
| language |
English |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Stiawan, Deris Abdullah, Abdul Hanan Idris, Mohd. Yazid The prevention threat of behavior-based signature using pitcher flow architecture |
| description |
In recent years, Intrusion Prevention System (IPS) has been widely implemented to prevent suspicious threats. Unlike the traditional Intrusion Detection System, IPS has additional features to secure the computer network system. IPS is an access control device with a prevention function, which enforces a network security policy, is a helpful device that allows for more granular blocking action. In this paper, we propose a new prediction and prevention method with behavior-based detection, this method is called pitcher flow. We describes the habitual activity of the performance an overall network with a new algorithm for identifying and recognizing the normal behavior of user activities in the internal network. First, we define behavior activity by duration of activity conducted and active connection. Second, we categorize packets into class/type, identifying parameters by classifying the packets. Finally, we use the pitcher flow mechanism to identify and recognize suspicious threats. This paper also describes an algorithm for the complexity of the suspicious response. |
| format |
Article |
| author |
Stiawan, Deris Abdullah, Abdul Hanan Idris, Mohd. Yazid |
| author_facet |
Stiawan, Deris Abdullah, Abdul Hanan Idris, Mohd. Yazid |
| author_sort |
Stiawan, Deris |
| title |
The prevention threat of behavior-based signature using pitcher flow architecture
|
| title_short |
The prevention threat of behavior-based signature using pitcher flow architecture
|
| title_full |
The prevention threat of behavior-based signature using pitcher flow architecture
|
| title_fullStr |
The prevention threat of behavior-based signature using pitcher flow architecture
|
| title_full_unstemmed |
The prevention threat of behavior-based signature using pitcher flow architecture
|
| title_sort |
prevention threat of behavior-based signature using pitcher flow architecture |
| publisher |
IJCSNS |
| publishDate |
2010 |
| url |
http://eprints.utm.my/id/eprint/39151/2/20100443.pdf http://eprints.utm.my/id/eprint/39151/ http://paper.ijcsns.org/07_book/201004/20100443.pdf |
| _version_ |
1643650307870162944 |