Skip to Main content Skip to Navigation
New interface

Recherche et détection des patterns d'attaques dans les réseaux IP à hauts débits

Abstract : With their important role in the networks protection, the Intrusion Detection Systems (IDS) must be able to adapt their functional modes to the new technologies. The IDS must manage a large mass of information and process network traffic at a very high rate because of transfer speeds and diversity of the provided services. It must also address an increasing number of attacks. Therefore improve the performance of IDS is a critical task for designers of protection mechanisms. In our thesis, we focus on the problems related to the quantitative parameters of the IDS. We propose a classification approach of the attacks signatures based on their common substrings. This approach reduces the number of signatures processed by the detection engine of the IDS and therefore reduces running time. We also discuss the problem of the mass of data analyzed by the IDS, we propose a detection architecture based on the classification of network connections. The proposed architecture allows decide on the nature of a connection: suspicious or not. In the first case, the connection must be analyzed by the intrusion detection system. Otherwise, if it is not suspect we can decide to ignore this connection and don't analyze it by the IDS.
Complete list of metadata

Cited literature [109 references]  Display  Hide  Download
Contributor : Frédéric Davesne Connect in order to contact the contributor
Submitted on : Wednesday, October 30, 2013 - 11:29:04 PM
Last modification on : Friday, October 23, 2020 - 4:42:15 PM
Long-term archiving on: : Friday, January 31, 2014 - 7:05:10 AM


  • HAL Id : tel-00878783, version 1



Abdelhalim Zaidi. Recherche et détection des patterns d'attaques dans les réseaux IP à hauts débits. Réseaux et télécommunications [cs.NI]. Université d'Evry-Val d'Essonne, 2011. Français. ⟨NNT : ⟩. ⟨tel-00878783⟩



Record views


Files downloads