Two-stage orthogonal network incident detection for the adaptive coordination with SMTP proxy

Research output: Contribution to journalArticle

Abstract

In this paper we present an adaptive detection and coordination system which consists of anomaly and misuse detector combined by lightweight neural networks to synchronize with specific data control of proxy server.The proposed method is able to correct false positive of anomaly detector for the unusual changes in the segment monitored by the subsequent misuse detector. The orthogonal outputs of these two detectors can be applied for the switching condition between the parameter settings and the protective data modification of proxy. In the unseen attacks our model detects, the forwarding delay time set in the proxy server according to the detection intervals enable us to protect the system faster and prevent effectively the malicious code from spreading.

Original languageEnglish
Pages (from-to)424-427
Number of pages4
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2776
Publication statusPublished - 2003

Fingerprint

Proxy
Detector
Detectors
Anomaly
Servers
Server
Delay Time
False Positive
Time delay
Attack
Neural Networks
Neural networks
Interval
Output
Model

ASJC Scopus subject areas

  • Computer Science(all)
  • Biochemistry, Genetics and Molecular Biology(all)
  • Theoretical Computer Science

Cite this

@article{fcc880b8d9254a8ab0d0ebc69a44e828,
title = "Two-stage orthogonal network incident detection for the adaptive coordination with SMTP proxy",
abstract = "In this paper we present an adaptive detection and coordination system which consists of anomaly and misuse detector combined by lightweight neural networks to synchronize with specific data control of proxy server.The proposed method is able to correct false positive of anomaly detector for the unusual changes in the segment monitored by the subsequent misuse detector. The orthogonal outputs of these two detectors can be applied for the switching condition between the parameter settings and the protective data modification of proxy. In the unseen attacks our model detects, the forwarding delay time set in the proxy server according to the detection intervals enable us to protect the system faster and prevent effectively the malicious code from spreading.",
author = "Ruo Ando and Yoshiyasu Takefuji",
year = "2003",
language = "English",
volume = "2776",
pages = "424--427",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer Verlag",

}

TY - JOUR

T1 - Two-stage orthogonal network incident detection for the adaptive coordination with SMTP proxy

AU - Ando, Ruo

AU - Takefuji, Yoshiyasu

PY - 2003

Y1 - 2003

N2 - In this paper we present an adaptive detection and coordination system which consists of anomaly and misuse detector combined by lightweight neural networks to synchronize with specific data control of proxy server.The proposed method is able to correct false positive of anomaly detector for the unusual changes in the segment monitored by the subsequent misuse detector. The orthogonal outputs of these two detectors can be applied for the switching condition between the parameter settings and the protective data modification of proxy. In the unseen attacks our model detects, the forwarding delay time set in the proxy server according to the detection intervals enable us to protect the system faster and prevent effectively the malicious code from spreading.

AB - In this paper we present an adaptive detection and coordination system which consists of anomaly and misuse detector combined by lightweight neural networks to synchronize with specific data control of proxy server.The proposed method is able to correct false positive of anomaly detector for the unusual changes in the segment monitored by the subsequent misuse detector. The orthogonal outputs of these two detectors can be applied for the switching condition between the parameter settings and the protective data modification of proxy. In the unseen attacks our model detects, the forwarding delay time set in the proxy server according to the detection intervals enable us to protect the system faster and prevent effectively the malicious code from spreading.

UR - http://www.scopus.com/inward/record.url?scp=35248856849&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=35248856849&partnerID=8YFLogxK

M3 - Article

VL - 2776

SP - 424

EP - 427

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -