Skip to main content
SpringerLink
Log in

Agent-Based Real Time Intrusion Detection System Against Malformed Packet Attacks

  • Conference paper
Agent Computing and Multi-Agent Systems (PRIMA 2006)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 4088))

Included in the following conference series:

Abstract

The current paper proposes a network-based Intrusion Detection System (IDS) that can efficiently detect attacks based on malformed packets that continues to increase, along with more intelligent and skillful hacking techniques. Our system firstly extracts the important features from network packets and analyzes simple attacks and detects IP fragmentation attacks. Thereafter, it collects information from the SA and the FA and other strange information related to the malformed packet. Finally, it judges whether or not an intrusion has occurred on the basis of information gathered from target systems by CAs. The simulation result shows 0% false-positive and 0% false-negative, 100% detection ratio, thereby confirming the accuracy of the proposed IDS in detecting fragmentation attacks.

This work was supported by the Brain Korea 21 Project in 2006.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Skoudis, E.: Counter Hack. Prentice-Hall, Englewood Cliffs (2002)

    Google Scholar 

  2. Proctor, P.E.: Practical Intrusion Detection Handbook. Prentice Hall PTR, Englewood Cliffs (2001)

    Google Scholar 

  3. Bykova, M., Ostermann, S., Tjaden, B.: Detection Network Intrusions via Statistical Analysis of Network Packet Characteristics. 33rd Southeastern Symposium on System Theory (SSST), 309–314 (2001)

    Google Scholar 

  4. Forozan, B.A.: TCP/IP Protocol Suite. Mcgraw-Hill Companies, Inc (2000)

    Google Scholar 

  5. Biermann, E., Cloete, E., Venter, L.M.: A comparison of Intrusion Detection System. Computers and Security 20, 676–683 (2001)

    Article  Google Scholar 

  6. Northcut, S., Novak, J.: Network Intrusion Detection An Analyst’s Handbook, 2nd edn., New Riders (2001)

    Google Scholar 

  7. http://www.cet.nau.edu/~mc8/Socket/Tutorials/section4.html

  8. Kim, S.-C.: Abnormal IP Packets. Korea Computer Emergency Response Team Coordination Center (2001)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering at Kyungpook National University, Daegu, 702-701, Korea

    Jun-Cheol Jeon & Kee-Young Yoo

  2. Planning and Administration Office at Seoul Metropolitan Office of Education, Seoul, 110-781, Korea

    Eun-Yeung Choi

Authors
  1. Jun-Cheol Jeon
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Eun-Yeung Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kee-Young Yoo
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Key Laboratory of Intelligent Information Processing, Institute of Computing Technology, Chinese Academy of Sciences, 100080, Beijing

    Zhong-Zhi Shi

  2. Asian Institute of Technology, P.O. Box 4, 12120, Klong Luang, Pathumthani, Thailand

    Ramakoti Sadananda

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jeon, JC., Choi, EY., Yoo, KY. (2006). Agent-Based Real Time Intrusion Detection System Against Malformed Packet Attacks. In: Shi, ZZ., Sadananda, R. (eds) Agent Computing and Multi-Agent Systems. PRIMA 2006. Lecture Notes in Computer Science(), vol 4088. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11802372_98

Download citation

  • DOI: https://doi.org/10.1007/11802372_98

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-36707-9

  • Online ISBN: 978-3-540-36860-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation