Return to search

Telemetry Network Intrusion Detection Test Bed

ITC/USA 2013 Conference Proceedings / The Forty-Ninth Annual International Telemetering Conference and Technical Exhibition / October 21-24, 2013 / Bally's Hotel & Convention Center, Las Vegas, NV / The transition of telemetry from link-based to network-based architectures opens these systems to new security risks. Tools such as intrusion detection systems and vulnerability scanners will be required for emerging telemetry networks. Intrusion detection systems protect networks against attacks that occur once the network boundary has been breached. An intrusion detection model was developed in the Wireless Networking and Security lab at Morgan State University. The model depends on network traffic being filtered into traffic streams. The streams are then reduced to vectors. The current state of the network can be determined using Viterbi analysis of the stream vectors. Viterbi uses the output of the Hidden Markov Model to find the current state of the network. The state information describes the probability of the network being in predefined normal or attack states based on training data. This output can be sent to a network administrator depending on threshold levels. In this project, a penetration-testing tool called Metasploit was used to launch attacks against systems in an isolated test bed. The network traffic generated during an attack was analyzed for use in the MSU intrusion detection model.

Identiferoai:union.ndltd.org:arizona.edu/oai:arizona.openrepository.com:10150/579527
Date10 1900
CreatorsMoten, Daryl, Moazzami, Farhad
ContributorsDean, Richard, Morgan State University
PublisherInternational Foundation for Telemetering
Source SetsUniversity of Arizona
Languageen_US
Detected LanguageEnglish
Typetext, Proceedings
RightsCopyright © held by the author; distribution rights International Foundation for Telemetering
Relationhttp://www.telemetry.org/

Page generated in 0.0018 seconds