Intrusion Detection by Intelligent analysis of data across multiple gateways in real-time.
conference contribution
posted on 2023-05-26, 08:28 authored by Joel Scanlan, Lorimer, S, Hartnett, J, Manderson, K
Current firewalls and intrusion detection systems are generally designed to protect a single gateway in order to provide protection for machines residing behind the gateway on an internal network. When considering a network incorporating multiple gateways across a range of IP addresses exposed to the Internet, interesting data can be gathered with regard to the types of scans occurring across these gateways from the outside. The validity of using a central server to amalgamate, reduce and analyse the log files of each gateway is investigated in order to examine the activities of the scans across multiple gateways and port numbers. The results from this analysis can then be used to act against an attack through heuristic driven rule creation.
History
Issue
1
Pagination
417-420
Publication status
- Published
Event title
Australian Telecommunication Networks
Event Venue
Bondi Beach
Date of Event (Start Date)
2004-12-08
Date of Event (End Date)
2004-12-10
Repository Status
- Open