Finest Informant Filtering of Malicious Traffic in Intrusion Detection System

Palli Rama Krishna, K Ravi Kumar

Abstract


Traffic volume and diversity can have a major impact on the ability of network intrusion detection systems (NIDS) to report malicious activity accurately. Based on the observation that a great deal of traffic is, in fact, not necessary for correct attack identification, we investigate connection filtering as a technique for improving the performance of NIDS. Filtering capabilities are available in access control lists (ACLs). These are generally stored in Ternary Content Addressable Memory (TCAM), but the size and cost of TCAM put a limit on the number of filters. Even though the filters were limited in number, the approach was still expensive. We therefore present a secured framework for filtering malicious traffic. This filtering framework is designed using a Markov chain model, which can be effectively compared with the CRF. The framework is designed in such a way that the Markov chain model is extensively trained by the system and then used for filtering malicious traffic in the network.




Copyright © 2013, All rights reserved. | ijseat.com

Creative Commons License
International Journal of Science Engineering and Advance Technology is licensed under a Creative Commons Attribution 3.0 Unported License. Based on a work at IJSEat. Permissions beyond the scope of this license may be available at http://creativecommons.org/licenses/by/3.0/deed.en_GB.