00000nam 2200000zi 4500 9.892651 CaOODSP 20221107173230 m o d f cr mn||||||||| 201021s2007 onca ob f000 0 eng d CaOODSP eng rda CaOODSP eng eng fre Co24-3/8-2007-2E-PDF Massicotte, Frederic, author. Passive Network Monitoring Tool-eXtended (PNMT-X) : proof of concept : report on research progress to November 1, 2006 / Frederic Massicotte, research engineer. Ottawa : Communication Research Centre Canada = Centre des recherches sur les communications Canada, 2007. 1 online resource (ii, 22 pages) : illustrations. text txt rdacontent computer c rdamedia online resource cr rdacarrier CRC technical note ; CRC-TN-2007-0002 "Ottawa, March 2007." Digitized edition from print [produced by Innovation, Science and Economic Development Canada]. Includes bibliographical references (page 22). "Network Intrusion Detection Systems (IDS) have the reputation of generating many false positives. Recent approaches, known as stateful IDS, utilize the state of communication sessions into account to address this issue. However, for IDS to be able to distinguish between a successful and failed attack attempt, it requires a correlation among the state of the multiple sessions, the reactions of the target system and other gathered of network context information. In this report, we present initial research that supports an IDS approach that attempts to confirm attack success or failure by collecting more network context and combining this information with the attack detected information provided by the IDS. The approach relies on capturing the related effects of an attack to be able to confirm the success or failure against a target system. This approach has been evaluated using existing attacks on real systems and the observed results are positive and further work is required to refine the algorithm"--Abstract, page i. Issued also in print format. Includes abstracts in English and French. Intrusion detection systems (Computer security) Systèmes de détection d'intrusion (Sécurité informatique) Communications Research Centre (Canada), issuing body. CRC technical note ; no. 2007-0002. (CaOODSP)9.882494 PDF 942 KB https://publications.gc.ca/collections/collection_2020/isde-ised/Co24/Co24-3-8-2007-2-eng.pdf