首页    期刊浏览 2024年11月28日 星期四
登录注册

文章基本信息

  • 标题:CORO : GRAPH-BASED AUTOMATIC INTRUSION DETECTION SYSTEM SIGNATURE GENERATOR FOR E-VOTING PROTECTION
  • 本地全文:下载
  • 作者:SUPENO DJANALI ; BASKORO ADI P. ; HUDAN STUDIAWAN
  • 期刊名称:Journal of Theoretical and Applied Information Technology
  • 印刷版ISSN:1992-8645
  • 电子版ISSN:1817-3195
  • 出版年度:2015
  • 卷号:81
  • 期号:3
  • 出版社:Journal of Theoretical and Applied
  • 摘要:Attacks on computer network are increasing everyday and most institution use Intrusion Detection System (IDS) to cope with that and most used IDS is the signature-based IDS, which need a database of rules when looking for an malicious packet. Yet there are two problems with this kind of IDS, first, not all people are able to create a signature or rule, therefore they need to wait for updates if they want to renew their database. Secondly, zero-day attack, attack that has never been happened before, is the main weakness of this IDS due to absence of its signature. We proposed Coro, an IDS signature generator that create an IDS rules based on honeypot log data. Coro uses graph clustering that make it be able to cluster data without the need to recompute the centroid. Coro focuses on HTTP, as it will be used to harden our e-voting system, but it is possible to be extended to other protocols. Our experiment showed that Coro was able to cluster around 5000 request in a short time and our graph clustering was a big help to that. Moreover, two threshold value used and data preprocessing in that experiment affected amount and quality of the generated rules.
  • 关键词:IDS; Rules Generation; Graph Clustering; E-Voting; Graph Mining
国家哲学社会科学文献中心版权所有