Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Advances in Computer Network Intrusion Detection

01.10.2002


Researchers from Oxford University’s Computing Laboratory have developed techniques to spot malicious attacks on computer networks, that include the use of Inductive Logic Programming (ILP) techniques to automatically determine the semantics of novel attack strategies.



Intrusions often take place where there are vulnerabilities within computer systems. For example, one of the most common of these is the buffer overflow, where an attacker sends overly long transactions to a server. The aim is to overflow the server’s buffer with code that runs automatically, allowing the attacker to execute malicious commands via the network.

A recent example was the “Code Red” worm released on Friday 13th July 2001. The attack caused havoc for programmes running on Microsoft Internet Information Server and slowed down Internet traffic considerably. No one was able to stop it automatically; few recognised what strategy the attack was using and system administrators had to look for it manually in the registers of their systems.


Existing [firewall and security] systems try to detect malicious transactions by comparing the signatures of known attacks. However, attackers can simply change subtle parameters in their attack, without altering the strategy they are using, and easily thwart such systems. Importantly, few technologies have been implemented to detect broad classes of attack strategies or to automatically generate detection strategies by learning from novel attacks.

Code Red proved that self-replicating attacks are dangerous and that systems are vulnerable. Current detection methods based on attack signatures rely on the manual analysis of registers and logs and are ineffective in the long term.

The semantic intrusion detection system developed at Oxford uses general rules rather than signatures to determine whether transactions are attempting to use a known attack strategy. Furthermore, such general rules can be generated from examples of attack attempts using the technology of ILP. An ILP system relies on knowledge represented as sets of general rules which are used explain new examples of intrusions and little interaction is required once this knowledge has been imparted.

Oxford University’s technology transfer company, Isis Innovation, has filed a UK patent application on the principles behind this invention and is interested to hear from companies that wish to license this technology for further development.

Jennifer Johnson | alfa
Further information:
http://www.isis-innovation.com

More articles from Information Technology:

nachricht 'Magic' sphere for information transfer
24.08.2015 | Lomonosov Moscow State University

nachricht Fraunhofer IPA develops prototype of intelligent care cart
20.08.2015 | Fraunhofer-Institut für Produktionstechnik und Automatisierung IPA

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: OU astrophysicist and collaborators find supermassive black holes in quasar nearest Earth

A University of Oklahoma astrophysicist and his Chinese collaborator have found two supermassive black holes in Markarian 231, the nearest quasar to Earth, using observations from NASA's Hubble Space Telescope.

The discovery of two supermassive black holes--one larger one and a second, smaller one--are evidence of a binary black hole and suggests that supermassive...

Im Focus: What would a tsunami in the Mediterranean look like?

A team of European researchers have developed a model to simulate the impact of tsunamis generated by earthquakes and applied it to the Eastern Mediterranean. The results show how tsunami waves could hit and inundate coastal areas in southern Italy and Greece. The study is published today (27 August) in Ocean Science, an open access journal of the European Geosciences Union (EGU).

Though not as frequent as in the Pacific and Indian oceans, tsunamis also occur in the Mediterranean, mainly due to earthquakes generated when the African...

Im Focus: Self-healing landscape: landslides after earthquake

In mountainous regions earthquakes often cause strong landslides, which can be exacerbated by heavy rain. However, after an initial increase, the frequency of these mass wasting events, often enormous and dangerous, declines, in fact independently of meteorological events and aftershocks.

These new findings are presented by a German-Franco-Japanese team of geoscientists in the current issue of the journal Geology, under the lead of the GFZ...

Im Focus: FIC Proteins Send Bacteria Into Hibernation

Bacteria do not cease to amaze us with their survival strategies. A research team from the University of Basel's Biozentrum has now discovered how bacteria enter a sleep mode using a so-called FIC toxin. In the current issue of “Cell Reports”, the scientists describe the mechanism of action and also explain why their discovery provides new insights into the evolution of pathogens.

For many poisons there are antidotes which neutralize their toxic effect. Toxin-antitoxin systems in bacteria work in a similar manner: As long as a cell...

Im Focus: Fraunhofer IPA develops prototype of intelligent care cart

It comes when called, bringing care utensils with it and recording how they are used: Fraunhofer IPA is developing an intelligent care cart that provides care staff with physical and informational support in their day-to-day work. The scientists at Fraunhofer IPA have now completed a first prototype. In doing so, they are continuing in their efforts to improve working conditions in the care sector and are developing solutions designed to address the challenges of demographic change.

Technical assistance systems can improve the difficult working conditions in residential nursing homes and hospitals by helping the staff in their work and...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Networking conference in Heidelberg for outstanding mathematicians and computer scientists

20.08.2015 | Event News

Scientists meet in Münster for the world’s largest Chitin und Chitosan Conference

20.08.2015 | Event News

Large agribusiness management strategies

19.08.2015 | Event News

 
Latest News

Interstellar seeds could create oases of life

28.08.2015 | Physics and Astronomy

An ounce of prevention: Research advances on 'scourge' of transplant wards

28.08.2015 | Health and Medicine

Fish Oil-Diet Benefits May be Mediated by Gut Microbes

28.08.2015 | Life Sciences

VideoLinks
B2B-VideoLinks
More VideoLinks >>>