Home > Table of Contents

Proceedings of the 2nd International Symposium on Web Information Systems and Applications (WISA 2009)

Nanchang, China, May 22-24, 2009

Editors: Fei Yu, Jiexian Zeng, and Guangxue Yue

AP Catalog Number: AP-PROC-CS-09CN001

ISBN: 978-952-5726-00-8 (Print), 978-952-5726-01-5 (CD-ROM)

Page(s): 148-151

The Application and Research of IDS model Based on Multi-technique Fusion

           Wang DongLiang, Wang Hongxin

Full text:  PDF

Abstract

According to the different analysis methods, the intrusion detection is divided into anomaly detection and misuse detection. In this thesis, we analyze the advantages and drawbacks of detection technology, Due to that, this paper proposes a IDS model based on multi-technique with misuse detection and anomaly detection which can overcome their drawbacks and develop their advantages to detect the known viruses, especially unknown viruses with the character of hacker, this kind of intelligence system is Multi-technique Fusion IDS model. This thesis makes use of the SVM and Expert system to construct a new flexible mixed model which can study and update its rules automatically. Besides, in this mixed model, it uses a kind of Memory Tree model to store its rules, this kind of store way can optimize the detection property and raise the detection efficiency. The results of testing based on host-IDS indicated the multi-technique fusion model by two technologies can ensures the higher detection rate and the lower false alarm rate. In addition, if net-IDS and host-IDS could be combined, it will more effectively raise detection efficiency.

Index Terms

Intrusion Detection, Intelligence System, Anomaly Detection, Misuse Detection, SVM, Exert System, Fusion IDS model

Copyright @ 2009 ACADEMY PUBLISHER — All rights reserved