Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:


Advances in Computer Network Intrusion Detection


Researchers from Oxford University’s Computing Laboratory have developed techniques to spot malicious attacks on computer networks, that include the use of Inductive Logic Programming (ILP) techniques to automatically determine the semantics of novel attack strategies.

Intrusions often take place where there are vulnerabilities within computer systems. For example, one of the most common of these is the buffer overflow, where an attacker sends overly long transactions to a server. The aim is to overflow the server’s buffer with code that runs automatically, allowing the attacker to execute malicious commands via the network.

A recent example was the “Code Red” worm released on Friday 13th July 2001. The attack caused havoc for programmes running on Microsoft Internet Information Server and slowed down Internet traffic considerably. No one was able to stop it automatically; few recognised what strategy the attack was using and system administrators had to look for it manually in the registers of their systems.

Existing [firewall and security] systems try to detect malicious transactions by comparing the signatures of known attacks. However, attackers can simply change subtle parameters in their attack, without altering the strategy they are using, and easily thwart such systems. Importantly, few technologies have been implemented to detect broad classes of attack strategies or to automatically generate detection strategies by learning from novel attacks.

Code Red proved that self-replicating attacks are dangerous and that systems are vulnerable. Current detection methods based on attack signatures rely on the manual analysis of registers and logs and are ineffective in the long term.

The semantic intrusion detection system developed at Oxford uses general rules rather than signatures to determine whether transactions are attempting to use a known attack strategy. Furthermore, such general rules can be generated from examples of attack attempts using the technology of ILP. An ILP system relies on knowledge represented as sets of general rules which are used explain new examples of intrusions and little interaction is required once this knowledge has been imparted.

Oxford University’s technology transfer company, Isis Innovation, has filed a UK patent application on the principles behind this invention and is interested to hear from companies that wish to license this technology for further development.

Jennifer Johnson | alfa
Further information:

More articles from Information Technology:

nachricht Green Light for Galaxy Europe
15.03.2018 | Albert-Ludwigs-Universität Freiburg im Breisgau

nachricht Tokyo Tech's six-legged robots get closer to nature
12.03.2018 | Tokyo Institute of Technology

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Locomotion control with photopigments

Researchers from Göttingen University discover additional function of opsins

Animal photoreceptors capture light with photopigments. Researchers from the University of Göttingen have now discovered that these photopigments fulfill an...

Im Focus: Surveying the Arctic: Tracking down carbon particles

Researchers embark on aerial campaign over Northeast Greenland

On 15 March, the AWI research aeroplane Polar 5 will depart for Greenland. Concentrating on the furthest northeast region of the island, an international team...

Im Focus: Unique Insights into the Antarctic Ice Shelf System

Data collected on ocean-ice interactions in the little-researched regions of the far south

The world’s second-largest ice shelf was the destination for a Polarstern expedition that ended in Punta Arenas, Chile on 14th March 2018. Oceanographers from...

Im Focus: ILA 2018: Laser alternative to hexavalent chromium coating

At the 2018 ILA Berlin Air Show from April 25–29, the Fraunhofer Institute for Laser Technology ILT is showcasing extreme high-speed Laser Material Deposition (EHLA): A video documents how for metal components that are highly loaded, EHLA has already proved itself as an alternative to hard chrome plating, which is now allowed only under special conditions.

When the EU restricted the use of hexavalent chromium compounds to special applications requiring authorization, the move prompted a rethink in the surface...

Im Focus: Radar for navigation support from autonomous flying drones

At the ILA Berlin, hall 4, booth 202, Fraunhofer FHR will present two radar sensors for navigation support of drones. The sensors are valuable components in the implementation of autonomous flying drones: they function as obstacle detectors to prevent collisions. Radar sensors also operate reliably in restricted visibility, e.g. in foggy or dusty conditions. Due to their ability to measure distances with high precision, the radar sensors can also be used as altimeters when other sources of information such as barometers or GPS are not available or cannot operate optimally.

Drones play an increasingly important role in the area of logistics and services. Well-known logistic companies place great hope in these compact, aerial...

All Focus news of the innovation-report >>>



Industry & Economy
Event News

Ultrafast Wireless and Chip Design at the DATE Conference in Dresden

16.03.2018 | Event News

International Tinnitus Conference of the Tinnitus Research Initiative in Regensburg

13.03.2018 | Event News

International Virtual Reality Conference “IEEE VR 2018” comes to Reutlingen, Germany

08.03.2018 | Event News

Latest News

Development and Fast Analysis of 3D Printed HF Components

19.03.2018 | Trade Fair News

In monogamous species, a compatible partner is more important than an ornamented one

19.03.2018 | Life Sciences

Signaling Pathways to the Nucleus

19.03.2018 | Life Sciences

Science & Research
Overview of more VideoLinks >>>