Author
Richard Heady,George Lugar,Mark Servilla,Arthur Maccabe
Abstract
This paper presents the prelimiary architechture of a network level-intrusion
detection system. The proposed system will monitor base level information in
network packets (source, destination, packet size, and time), learning the
'normal' patterns and announcing anomalies as they occur. The goal of this
research is to determine the applicability of current intrusion detection
technology to the detection of network level intrusions. In particular, we are
investigating the possibility of using this technology to detect and react
to worm programs.