CONDOR: A Hybrid IDS to Offer Improved Intrusion Detection

DAY, David and FLORES, Denys (2012). CONDOR: A Hybrid IDS to Offer Improved Intrusion Detection. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom 2012). Institute of Electrical and Electronics Engineers ( IEEE ) , 931-936.

[img]
Preview
PDF - Accepted Version
Download (641kB) | Preview
    Link to published version:: 10.1109/TrustCom.2012.110

    Abstract

    Intrusion Detection Systems are an accepted and very useful option to monitor, and detect malicious activities. However, Intrusion Detection Systems have inherent limitations which lead to false positives and false negatives; we propose that combining signature and anomaly based IDSs should be examined. This paper contrasts signature and anomaly-based IDSs, and critiques some proposals about hybrid IDSs with signature and heuristic capabilities, before considering some of their contributions in order to include them as main features of a new hybrid IDS named CONDOR (COmbined Network intrusion Detection ORientate), which is designed to offer superior pattern analysis and anomaly detection by reducing false positive rates and administrator intervention.

    Item Type: Book Section
    Research Institute, Centre or Group: Cultural Communication and Computing Research Institute > Communication and Computing Research Centre
    Identification Number: 10.1109/TrustCom.2012.110
    Depositing User: David Day
    Date Deposited: 31 May 2012 10:53
    Last Modified: 01 Aug 2013 12:04
    URI: http://shura.shu.ac.uk/id/eprint/5246

    Actions (login required)

    View Item

    Downloads

    Downloads per month over past year

    View more statistics