Identification of Intrustion Scenarios through Classification, Characterization and Analysis of Firewall Events

Tampa, Florida, USA November 16-November 18

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/LCN.2004.65

29th Annual IEEE International Confer ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Luciano Paschoal Gaspary Articles by Cristina Melchiors Articles by F?bio Elias Locatelli Articles by Fabiane Dillenburg

	ASCII Text	x
	Luciano Paschoal Gaspary, Cristina Melchiors, F?bio Elias Locatelli, Fabiane Dillenburg, "Identification of Intrustion Scenarios through Classification, Characterization and Analysis of Firewall Events," Local Computer Networks, Annual IEEE Conference on, pp. 327-334, 29th Annual IEEE International Conference on Local Computer Networks (LCN'04), 2004.

	BibTex	x
	@article{ 10.1109/LCN.2004.65, author = {Luciano Paschoal Gaspary and Cristina Melchiors and F?bio Elias Locatelli and Fabiane Dillenburg}, title = {Identification of Intrustion Scenarios through Classification, Characterization and Analysis of Firewall Events}, journal ={Local Computer Networks, Annual IEEE Conference on}, volume = {0}, year = {2004}, issn = {0742-1303}, pages = {327-334}, doi = {http://doi.ieeecomputersociety.org/10.1109/LCN.2004.65}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Local Computer Networks, Annual IEEE Conference on TI - Identification of Intrustion Scenarios through Classification, Characterization and Analysis of Firewall Events SN - 0742-1303 SP327 EP334 A1 - Luciano Paschoal Gaspary, A1 - Cristina Melchiors, A1 - F?bio Elias Locatelli, A1 - Fabiane Dillenburg, PY - 2004 KW - null VL - 0 JA - Local Computer Networks, Annual IEEE Conference on ER -

Luciano Paschoal Gaspary, Universidade do Vale do Rio dos Sinos (UNISINOS), Brazil

Cristina Melchiors, Universidade do Vale do Rio dos Sinos (UNISINOS), Brazil

F?bio Elias Locatelli, Universidade do Vale do Rio dos Sinos (UNISINOS), Brazil

Fabiane Dillenburg, Universidade do Vale do Rio dos Sinos (UNISINOS), Brazil

The content analysis of firewall logs is essential (i) to quantify and identify accesses to external and private networks, (ii) to follow the historical growth of accesses volume and applications used, (iii) to debug problems on the configuration of filtering rules and (iv) to recognize suspicious event sequences that indicate strategies used by intruders in attempt to obtain non-authorized access to stations and services. This paper presents an approach to classify, characterize and analyze events generated by firewalls. The proposed approach explores the case-based reasoning technique to identify possible intrusion scenarios. The paper also describes the validation of our approach carried out based on real logs generated along one week by the university firewall.

Citation:

Luciano Paschoal Gaspary, Cristina Melchiors, F?bio Elias Locatelli, Fabiane Dillenburg, "Identification of Intrustion Scenarios through Classification, Characterization and Analysis of Firewall Events," lcn, pp.327-334, 29th Annual IEEE International Conference on Local Computer Networks (LCN'04), 2004

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.