%0 Journal Article
%T Intrusion detection model based on selective packet sampling
%A Bakhoum Ezzat
%J EURASIP Journal on Information Security
%D 2011
%I Springer
%X Recent experimental work by Androulidakis and Papavassiliou (IET Commun 2(3):399, 2008; IEEE Netw 23(1):6, 2009) has shown that it is possible to maintain a high level of network security while selectively inspecting packets for the existence of intrusive activity, thereby resulting in a minimal amount of processing overhead. In this paper, a statistical approach for the modeling of network intrusions as Markov processes is introduced. The theoretical findings presented here confirm the earlier experimental results of Androulidakis and Papavassiliou. A common notion about network intrusion detection systems is that every packet arriving into a network must be inspected in order to prevent intrusions. This investigation, together with the earlier experimental results, disproves that notion. Additional experimental testing of a corporate local area network is reported.
%K Network Intrusion
%K Intrusion Detection System
%K IP Packets
%K Markov Process
%K Birth and Death Model
%U http://jis.eurasipjournals.com/content/2011/1/2