Implementation IDS screen 1
Introduction
IDS looks at each individual packet
Looks at the packet header
Each rule in Snort expresses some actions
CBR = More Sophisticated degree of intelligence
Our CBR = Reflective and adaptive architecture
For distributed systems: use Java with XML
Case Based Reasoning
Case archive (feature characteristics and actions)
Treat a rule as a case
A case is defined by its features
Some features need an approximate match
Some features need an exact match
Domain definition
XML and Java
Case features are represented in XML
Convert a Snort rule to the corresponding XML representation with JAXB
Case feature comparators
Protocol: exact string comparator
Source IP: integer range comparator
Adaptive CBR Process
Case is converted to XML