A Framework of Event-Driven Detection System for Intricate Network Threats
- DOI
- 10.2991/iccnce.2013.138
- Keywords
- Intricate network threat, Detection Framework, Event-driven, Event aggregation
- Abstract
As network threats become more intricate and diverse, traditional intrusion detection methods face the challenge of lacking flexibility because they are just code-actual. This paper summarizes the common correlating features exhibited by network events from the perspective of the detector, and proposes a detection framework which can be used to detect various network threats. After a static scan of the threat pattern library, it loads and initializes the data structure of threat behaviors, and then uses an event-driven scheme to process the network event streams. Finally, it logs and calls the related function to query the threat behavior states. The formal analysis shows that this framework has high flexibility and extensibility to adapt to the evolution of network threat behaviors.
- Copyright
- © 2013, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF
AU - Rongmao Chen
AU - Linbo Qiao
AU - Bofeng Zhang
AU - Zhenghu Gong
PY - 2013/07
DA - 2013/07
TI - A Framework of Event-Driven Detection System for Intricate Network Threats
BT - Proceedings of the International Conference on Computer, Networks and Communication Engineering (ICCNCE 2013)
PB - Atlantis Press
SP - 556
EP - 560
SN - 1951-6851
UR - https://doi.org/10.2991/iccnce.2013.138
DO - 10.2991/iccnce.2013.138
ID - Chen2013/07
ER -