Defending networks: The Expert System component of SECURENET

  • S. K. Katsikas
  • N. Theodoropoulos
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT)


In this paper the Expert System module of SECURENET (An Intelligent System for Detecting and Preventing Attacks against Open Networks) is described in detail. The module’s architecture and components are given, as well as an example of its use. Moreover, the experimentation process is described and performance evaluation results based on real measurements are given.


Intrusion detection network security expert system 


  1. Lunt, T. (1993) A survey of intrusion detection techniques. Computers & Security, Vol. 12, pp. 405–418.CrossRefGoogle Scholar
  2. Mukherjee, B., Heberlein, T. and Levitt, K.N. (1994) Network Intrusion Detection. IEEE Network, pp. 26–41.Google Scholar
  3. Frank, J. (1994) Artificial intelligence and intrusion detection: Current and future directions. Internet.Google Scholar
  4. Spirakis, P., Katsikas, S.K., Gritzalis, D., Allegre, F., Darzentas, J., Gigante, C., Karagiannis, D., Kess, P., Putkonen, H and Spyrou, T. (1994) SECURENET: A Network-oriented Intelligent Intrusion Detection and Prevention System. IFIP SEC ’84, Curacao, Dutch Caribbean.Google Scholar
  5. Katsikas, S.K., Theodoropoulos, N., Allegre, F., Caskey, K., Gigante, C., Karagiannis, D., Patel, A., Putkonen H. and Spyrou, T. (1996) SECURENET: An Intelligent System for Detecting and Preventing Attacks Against Open Networks. Computer Communications, submitted.Google Scholar
  6. Ostrovsky R. and Young, M. (1991) Robust Computation in the Presence of Mobile Viruses. Proceedings, ACM PODC 1991, pp. 51–59, ACM Press.Google Scholar
  7. Spyrou, T., Darzentas, J., Douma, A., Sutinen, E., Putkonen, H. (1995a) Applying SICS: A technique for software modules communication. Proceedings, 5th Hellenic Conference on Informatics, pp. 165–177, Greek Computer Society Press.Google Scholar
  8. Spyrou, T., Darzentas, J., Sfetsou, K. (1995b) Application of artificial intelligence techniques in network management security: An expert system application for the detection of abnormal behaviour. Proceedings, 5th Hellenic Conference on Informatics, pp. 187–203, Greek Computer Society Press.Google Scholar
  9. Spyrou, T. and Darzentas, J. (1996) Intention Modelling: Approximating Computer User Intentions for Detection and Prevention of Intrusions. Proceedings, 12th International Information Security Conference (IFIP SEC ’96), Chapman & Hall (to appear).Google Scholar
  10. Karagiannis, D., Telesko, R. and Mayr, C. (1995) A DSS Model for Attack Detection. Proceedings, Annual Computer Security Applications Conference.Google Scholar
  11. Denault, M., Gritzalis, D., Karagiannis, D., Spirakis, P. (1993) Intrusion Detection: Approach and Performance Issues of the SECURENET System. Computers & Security, Vol. 13, no. 6, pp. 495–508.CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 1996

Authors and Affiliations

  • S. K. Katsikas
    • 1
  • N. Theodoropoulos
    • 2
  1. 1.Department of MathematicsUniversity of the AegeanKarlovassiGreece
  2. 2.EXPERTNETCholargosGreece

Personalised recommendations