Network-based Intrusion detection - Modeling for a larger picture

Atsushi Totsuka, Hidenari Ohwada, Nobuhisa Fujita, Debasish Chakraborty, Glenn Mansfield Keeni, Norio Shiratori

Research output: Chapter in Book/Report/Conference proceedingConference contribution


The Internet is changing computing more than ever before. As the possibilities and the scopes are limitless, so too are the risks and chances of malicious intrusions. Due to the increased connectivity and the vast spectrum of financial possibilities, more and more systems are subject to attack by intruders. One of the commonly used method for intrusion detection is based on anomaly. Network based attacks may occur at various levels, from application to link levels. So the number of potential attackers or intruders are extremely large and thus it is almost impossible to ''profile'' entities and detect intrusions based on anomalies in host-based profiles. Based on meta-information, logical groupings has been made for the alerts that belongs to same logical network, to get a clearer and boarder view of the perpetrators. To reduce the effect of probably insignificant alerts a threshold technique is used.

Original languageEnglish
Title of host publicationProceedings of the 16th Conference on Systems Administration, LISA 2002
PublisherUSENIX Association
Number of pages6
ISBN (Electronic)193197103X, 9781931971034
Publication statusPublished - 2002
Event16th Systems Administration Conference, LISA 2002 - Philadelphia, United States
Duration: 2002 Nov 32002 Nov 8

Publication series

NameProceedings of the 16th Conference on Systems Administration, LISA 2002


Conference16th Systems Administration Conference, LISA 2002
Country/TerritoryUnited States

ASJC Scopus subject areas

  • Management of Technology and Innovation
  • Information Systems and Management


Dive into the research topics of 'Network-based Intrusion detection - Modeling for a larger picture'. Together they form a unique fingerprint.

Cite this