Abstract: Nowadays, the protection and security of data in transit within computer networks represent a real challenge for developers of computer applications and for network administrators. Intrusion Detection Systems and Intrusion Prevention Systems are the reliable techniques for good security. Any detected intrusion is based on data collection, so collecting a large and significant volume of traffic on the monitored systems is an important feature. Thus, the first task of an Intrusion Detection System and an Intrusion Prevention System is to collect the underlying information, to process and analyze it, and to make accurate decisions. Network analysis can be used to improve network performance and security, but it can also be used for malicious tasks. Our main goal in this article is to design a reliable and powerful network sniffer, called PcapSockS, based on pcap language and sockets, able to intercept traffic in three modes: connected, connectionless and raw mode. We start with a performance assessment of a list of the most widespread and most recently used network sniffers. The study is completed by a classification of these sniffers with respect to computer security objectives, based on the following parameters: library (libpcap/winpcap or libnet), filtering, availability, software or hardware, alert, and real time. PcapSockS provides good performance, integrating reliable sniffing mechanisms that allow supervision taking into account some low- and high-level protocols for TCP and UDP network communications.
Abstract: Intrusion Detection Systems (IDS) are now an essential component in the structure of network security. The logs of connections and network activity, which contain a large amount of information, can be used to detect intrusions. Despite the development of new information and communication technologies following the advent of the Internet and networks, computer security has become a major challenge, and work in this area of research is becoming more numerous. Various tools and mechanisms are developed to ensure a level of security that meets the demands of modern life. Among these systems is intrusion detection, which identifies abnormal behavior or suspicious activities that undermine the legitimate operation of the system. The objective of this paper is the design and implementation of a comprehensive architecture of IDS in a network.
Abstract: Intrusion detection and prevention is a set of techniques that try to detect attacks as they occur or after they have taken place. There are two recent and useful approaches to detecting intrusions: misuse and anomaly. They collect network traffic activity from some points on the network or computer system and then use it to secure the network using one or both of the available detection methods. IDPS suffer from major vulnerabilities, with a large generation of false positives and negatives. Anomaly detection aims to address behavior detection problems that require prior modeling of a profile. This paper describes a new approach to intrusion detection based on a specified profile built from a training base, using a database that contains normal activities collected within the monitored network. The modeling of the profile represents a real challenge for network administrators and computer security researchers. Our main goal is, on the one hand, to present an application of the multilayer perceptron to build a monitored system and, on the other hand, to build a classifier for traffic events. A supervised algorithm is suggested and used in training. The recognition phase aims to validate the new classifier. Our classifier is able to distinguish between normal activity and intrusion. We describe our novel detection approach in detail and we validate the proposed solutions. We demonstrated that this novel approach is robust, flexible and gives useful performance using the multilayer perceptron.
Despite the development of new information and communication technologies following the advent of the Internet and networks, computer security has become a major challenge, and work in this area of research is becoming more numerous. Various tools and mechanisms are developed to ensure a level of security that meets the demands of modern life. Among these systems is intrusion detection, which identifies abnormal behavior or suspicious activities that undermine the legitimate operation of the system. The objective of this paper is the design and implementation of a comprehensive architecture of IDS in a network.
The design of the family of syndrome-based hash functions and its variants is based on a compression function that uses a parity check matrix of an error-correcting code (random, quasi-cyclic). The objective of this paper is to propose a one-way hash function (OHFGC) of variable size based on classical Goppa codes and the scheme of Merkle and Damgård. Classical Goppa codes, of pseudo-random characteristic, are used for regenerating the parity check matrix from a primitive element of a finite field $\mathbb{F}_{2^m}$ and an integer 2 n m > , and for the design of the compression function. In the scheme of Merkle and Damgård [4,5,6], the compression function is based on the calculation of syndromes, the initial vector specific to each message, and the weight-reduction function for a given word.