TY - JOUR
T1 - Analysis of active intrusion prevention data for predicting hostile activity in computer networks
AU - Green, Ido
AU - Raz, Tzvi
AU - Zviran, Moshe
PY - 2007/4/1
Y1 - 2007/4/1
N2 - The wide use of computer networks and the Internet has increased concern for security and protection from hostile activity. Many organizations are using additional protective measures in the form of intrusion detection systems (IDS) to monitor activity on the network and detect unusual, potentially hostile activity. Intrusion prevention systems (IPS) block attacks in real time and provide an additional layer of security; they operate online by matching network activity patterns to the signatures of known modes of attack. A new approach called Active Intrusion Prevention (AIP) has emerged that examines all the activities on the network and provides the requested data with an early and accurate identification prior to the actual break-in, and protection from all types of attacks. AIP systems are analyzed with predictive models and logit regression analysis and then applied to enhance computer network security.
AB - The wide use of computer networks and the Internet has increased concern for security and protection from hostile activity. Many organizations are using additional protective measures in the form of intrusion detection systems (IDS) to monitor activity on the network and detect unusual, potentially hostile activity. Intrusion prevention systems (IPS) block attacks in real time and provide an additional layer of security; they operate online by matching network activity patterns to the signatures of known modes of attack. A new approach called Active Intrusion Prevention (AIP) has emerged that examines all the activities on the network and provides the requested data with an early and accurate identification prior to the actual break-in, and protection from all types of attacks. AIP systems are analyzed with predictive models and logit regression analysis and then applied to enhance computer network security.
UR - http://www.scopus.com/inward/record.url?scp=33947692292&partnerID=8YFLogxK
U2 - 10.1145/1232743.1232749
DO - 10.1145/1232743.1232749
M3 - Systematic review
AN - SCOPUS:33947692292
SN - 0001-0782
VL - 50
SP - 63
EP - 68
JO - Communications of the ACM
JF - Communications of the ACM
IS - 4
ER -