NJIT eTD::njit-etd2006-059::Leon, Javier::"Classification, testing and optimization of intrusion detection systems"

Modem network security products vary greatly in their underlying technology and architecture. Since the introduction of intrusion detection decades ago, intrusion detection technologies have continued to evolve rapidly. This rapid change has led to the introduction of a wealth of security devices, technologies and algorithms that perform functions originally associated with intrusion detection systems.

This thesis offers an analysis of intrusion detection technologies, proposing a new classification system for intrusion detection systems. Working closely with the development of a new intrusion detection product, this thesis introduces a method of testing related technologies in a production environment by outlining and executing a series of denial of service and scan and probe attacks. Based on the findings of these experiments, a series of enhancements to the core intrusion detection product is introduced to improve its capabilities and adapt to modem needs of security products.

Title:	Classification, testing and optimization of intrusion detection systems
Author:	Leon, Javier
Document Type:	Thesis
Department:	Department of Electrical and Computer Engineering
Degree:	Master of Science
Major:	Computer Engineering
Advisory Committee:	Manikopoulos, Constantine N. Statica, Robert Hu, Jie
Thesis Date:	2006, May
Keywords:	Intrusion detection technology Intrusion detection classification Intrusion detection optimization
Availability:	Unrestricted
Abstract:	Modem network security products vary greatly in their underlying technology and architecture. Since the introduction of intrusion detection decades ago, intrusion detection technologies have continued to evolve rapidly. This rapid change has led to the introduction of a wealth of security devices, technologies and algorithms that perform functions originally associated with intrusion detection systems. This thesis offers an analysis of intrusion detection technologies, proposing a new classification system for intrusion detection systems. Working closely with the development of a new intrusion detection product, this thesis introduces a method of testing related technologies in a production environment by outlining and executing a series of denial of service and scan and probe attacks. Based on the findings of these experiments, a series of enhancements to the core intrusion detection product is introduced to improve its capabilities and adapt to modem needs of security products.
Complete Thesis:	njit-etd2006-059 (104 pages ~ 9,300 KB pdf)
Feedback:	Please complete this Feedback Form to inform us about your experience using this website. It will assist us in better serving your information needs in the future. Thank You!