Open Access Repository

A Context Aware Attack Detection System Across Multiple Gateways



Scanlan, J and Lorimer, S and Hartnett, J and Manderson, K (2004) A Context Aware Attack Detection System Across Multiple Gateways. Working Paper. UNSPECIFIED.

Warning: There is a more recent version of this item available.
ACSC.pdf | Download (2MB)
Available under University of Tasmania Standard License.



It is well known that intrusion detection systems can make smarter decisions if the context of the traffic being observed is known. This paper examines whether an attack detection system, looking at traffic as it arrives at gateways or firewalls, can make smarter decisions if the context of attack patterns across a class of IP addresses is known. A system that detects and forestalls the continuation of both fast attacks and slow attacks across several IP addresses is described and the development of heuristics both to ban activity from hostile IP addresses and then lift these bans is illustrated. The system not only facilitates detection of methodical multiple gateway attacks, but also acts to defeat the attack before penetration can occur.

Item Type: Report (Working Paper)
Keywords: Intrusion Detection, Firewalls, Prevention, Analysis
Date Deposited: 07 Oct 2004
Last Modified: 18 Nov 2014 03:10
