An Intelligent Intrusion Detection and Response System Using Network Quarantine Channels: Adaptive Policies and Alert Filters

Hong Kong, China December 18-December 22

RSS feed for this publication

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/WI-IATW.2006.41

2006 IEEE/WIC/ACM International Confe ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Emmanuel Hooper

	ASCII Text	x
	Emmanuel Hooper, "An Intelligent Intrusion Detection and Response System Using Network Quarantine Channels: Adaptive Policies and Alert Filters," Web Intelligence and Intelligent Agent Technology, International Conference on, pp. 45-48, 2006 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology - Workshops, 2006.

	BibTex	x
	@article{ 10.1109/WI-IATW.2006.41, author = {Emmanuel Hooper}, title = {An Intelligent Intrusion Detection and Response System Using Network Quarantine Channels: Adaptive Policies and Alert Filters}, journal ={Web Intelligence and Intelligent Agent Technology, International Conference on}, volume = {0}, year = {2006}, isbn = {0-7695-2749-3}, pages = {45-48}, doi = {http://doi.ieeecomputersociety.org/10.1109/WI-IATW.2006.41}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Web Intelligence and Intelligent Agent Technology, International Conference on TI - An Intelligent Intrusion Detection and Response System Using Network Quarantine Channels: Adaptive Policies and Alert Filters SN - 0-7695-2749-3 SP45 EP48 A1 - Emmanuel Hooper, PY - 2006 KW - autonomy-oriented computing KW - autonomous knowledge KW - information agents KW - distributed problem solving KW - autonomous auctions and negotiation KW - intelligent response KW - intrusion detection KW - infrastructure security KW - applications. VL - 0 JA - Web Intelligence and Intelligent Agent Technology, International Conference on ER -

Emmanuel Hooper, University of London, UK

Intrusion detection systems are used to identify suspicious network traffic. However, a high percentage of alerts generated by such systems are liable to be false positives. Since these alerts typically require manual intervention from a network administrator, false positives create considerable administrative overheads. In order to reduce the number of false positives, we propose a new network protection component called a network quarantine channel, which is used to perform some additional interaction with hosts that have been identified as the source of suspicious traffic. The network quarantine channel is used to provide a more accurate assessment of the threat posed by a suspicious host, before alerting the network administrator.

Index Terms:

autonomy-oriented computing, autonomous knowledge, information agents, distributed problem solving, autonomous auctions and negotiation, intelligent response, intrusion detection, infrastructure security, applications.

Citation:

Emmanuel Hooper, "An Intelligent Intrusion Detection and Response System Using Network Quarantine Channels: Adaptive Policies and Alert Filters," wi-iatw, pp.45-48, 2006 IEEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology - Workshops, 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.