Open Access Repository

A context aware attack detection system across multiple gateways in real-time



Scanlan, JD (ORCID: 0000-0003-2285-8932) 2004, 'A context aware attack detection system across multiple gateways in real-time', Honours thesis, University of Tasmania.

Thesis_Final.pdf | Download (880kB)
Available under University of Tasmania Standard License.



It is understood that intrusion detection systems can make more intelligent decisions if the context of the traffic being observed is known. This thesis examines whether an attack detection system, looking at traffic as it arrives at gateways or firewalls, can make smarter decisions if the context of attack patterns across a class of IP addresses is known. A system that detects and forestalls the continuation of both fast attacks and slow attacks across several IP addresses is described and the development of heuristics both to ban activity from hostile IP addresses and then lift these bans is illustrated. The System not only facilitates detection of methodical multiple gateway attacks, but also acts to defeat the attack before penetration can occur across the gateway range.

Item Type: Thesis - Honours
Authors/Creators: Scanlan, JD
Keywords: intrusion detection, security, attacks, firewall
Publisher: Honours thesis, University of Tasmania
Copyright Information: Copyright 2004 the author
