Abstract
We present a symptom-based taxonomy for an early detection of network attacks. Since this taxonomy uses symptoms in the network it is relatively easy to access the information to classify the attack. Accordingly it is quite early to detect an attack as the symptom always appears before the main stage of the attack. Furthermore, we are able to classify unknown attacks if the symptom of unknown attacks is correlated with the one of the already known attacks.
This research was supported by the MIC (Ministry of Information and Communication), Korea, under the ITRC (Information Technology Research Center) support program supervised by the IITA (Institute of Information Technology Assessment).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abad, C., et al.: Log Correlation for Intrusion Detection: A Proof of Concept. In: Computer Security Applications Conference (Dec. 2003)
Ye, N., Giordano, J., Feldman, J.: A Process Control Approach to Cyber Attack Detection. Communications of the ACM 44(8), 76–82 (2001)
Kanamaru, A., et al.: A Simple Packet Aggregation Technique for Fault Detection. International Journal of Network Management 10, 215–228 (2000)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Kim, KY., Choi, HK. (2007). A Symptom-Based Taxonomy for an Early Detection of Network Attacks. In: Yang, C.C., et al. Intelligence and Security Informatics. PAISI 2007. Lecture Notes in Computer Science, vol 4430. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71549-8_42
Download citation
DOI: https://doi.org/10.1007/978-3-540-71549-8_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71548-1
Online ISBN: 978-3-540-71549-8
eBook Packages: Computer ScienceComputer Science (R0)