The Honeynet quarantine: reducing collateral damage caused by early intrusion response
Anomaly based intrusion detection is inherently subject to false alarms. Fast and automated intrusion response based on this type of intrusion detection can cause significant usage restrictions for falsely suspected systems. To avoid these negative effects without sacrificing detection sensitivity o...
Saved in:
| Published in | 2005 IEEE Workshop on Information Assurance and Security pp. 464 - 465 |
|---|---|
| Main Authors | , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
2005
|
| Subjects | |
| Online Access | Get full text |
| ISBN | 9780780392908 0780392906 |
| DOI | 10.1109/IAW.2005.1496003 |
Cover
| Abstract | Anomaly based intrusion detection is inherently subject to false alarms. Fast and automated intrusion response based on this type of intrusion detection can cause significant usage restrictions for falsely suspected systems. To avoid these negative effects without sacrificing detection sensitivity or increasing the risk for the production network inadequately, we propose a scheme combining anomaly-based IDS with Honeynet concepts and link layer based VLANs. |
|---|---|
| AbstractList | Anomaly based intrusion detection is inherently subject to false alarms. Fast and automated intrusion response based on this type of intrusion detection can cause significant usage restrictions for falsely suspected systems. To avoid these negative effects without sacrificing detection sensitivity or increasing the risk for the production network inadequately, we propose a scheme combining anomaly-based IDS with Honeynet concepts and link layer based VLANs. |
| Author | Rathgeb, E.P. Toedtmann, B. Riebach, S. |
| Author_xml | – sequence: 1 givenname: B. surname: Toedtmann fullname: Toedtmann, B. organization: Inst. for Exp. Math., Duisburg Univ., Essen, Germany – sequence: 2 givenname: S. surname: Riebach fullname: Riebach, S. organization: Inst. for Exp. Math., Duisburg Univ., Essen, Germany – sequence: 3 givenname: E.P. surname: Rathgeb fullname: Rathgeb, E.P. organization: Inst. for Exp. Math., Duisburg Univ., Essen, Germany |
| BookMark | eNotT81OwzAYiwRIwOgdiUteoCW_bcNtmoBNmsRlwHFKky8jqEtH0h769kTabEs-2bLv0XUYAiD0SElFKVHPm-V3xQiRFRWqJoRfoUI1LcniiinS3qIipV-SIaQQTN6hr90P4HVumQOM-G_SUYfRB3jBEexkfDhgM_S9HiHqHlt91AfARk8JLO5mDDr2M_ZhjFPyQ8ihdBpCggd043SfoLj4An2-ve5W63L78b5ZLbelp40cS17ncaZRDHgmOMe0cMq1nVJCUkVrIRlrLKUSXN3YTlLmuIHO5i8cBOEL9HTu9QCwP0V_1HHeX97zfyMsUiU |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/IAW.2005.1496003 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE/IET Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE/IET Electronic Library url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EndPage | 465 |
| ExternalDocumentID | 1496003 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IK 6IL 6IN AAJGR AARBI AAWTH ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK OCL RIE RIL |
| ID | FETCH-LOGICAL-i175t-36807c792e3e3eeff2a4f9f8b9945191645227d115ef67db512f3cebd9083e403 |
| IEDL.DBID | RIE |
| ISBN | 9780780392908 0780392906 |
| IngestDate | Tue Aug 26 18:58:39 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i175t-36807c792e3e3eeff2a4f9f8b9945191645227d115ef67db512f3cebd9083e403 |
| PageCount | 2 |
| ParticipantIDs | ieee_primary_1496003 |
| PublicationCentury | 2000 |
| PublicationDate | 20050000 |
| PublicationDateYYYYMMDD | 2005-01-01 |
| PublicationDate_xml | – year: 2005 text: 20050000 |
| PublicationDecade | 2000 |
| PublicationTitle | 2005 IEEE Workshop on Information Assurance and Security |
| PublicationTitleAbbrev | IAW |
| PublicationYear | 2005 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0000454425 |
| Score | 1.3547926 |
| Snippet | Anomaly based intrusion detection is inherently subject to false alarms. Fast and automated intrusion response based on this type of intrusion detection can... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 464 |
| SubjectTerms | Automatic control Computer networks Computer worms Control systems Intrusion detection IP networks Joining processes Local area networks Production systems Protection |
| Title | The Honeynet quarantine: reducing collateral damage caused by early intrusion response |
| URI | https://ieeexplore.ieee.org/document/1496003 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV07T8MwELZKJyZALeItD4y4jZM0sdkQoipIRQwUulV-nKUKSHkkQ_n1nJ20CMSAsjiRE13Ol9z5Ht8RcppHiksDEUstHzD8EhXTQqQs1rGNjc0g1t4POb7NRpP0ZjqYtsjZuhYGAELyGfT8MMTy7cJU3lXWR2s-C9CeGyhmda3W2p_ioeRQ_sLOXERe60dZA7CzOherMGUk-9cXj7VDpXnmj-YqQbcMt8h4RVWdUvLUq0rdM5-_ABv_S_Y26X5X8dG7tX7aIS0oOuQB5YKOFgUsCyjpGwqI8r0i4Jy-exBXnEiDaPjC5Gdq1Qv-b6hR1QdYqpcUPB4ynRe-VANXFG8KKbbQJZPh1f3liDW9FdgcDYaSJRnyxeQyhgQPcC5WqZNOaCk94Az38c44t2gvgstyq9EucIkBbZGNCaRRskvaBRK7R6jgiqMZmOfK4u7MCWWkGnBw0kPdm4Tvk47nyey1hs-YNew4-PvyIdkM6KjBy3FE2vg-cIx6v9QnYcG_AMpPqWo |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV07T8MwELaqMsAEqEW88cBI2rwTsyFElUJbMbTQrfLjLFVAyiMZyq_n7KRFIAaUJYmSyDlfcp_v8R0h54nLPSbBdULlRQ5-idwRaRo6vvCVL1UMvjB-yOEozibh7TSaNsjFuhYGAGzyGXTMro3lq4Usjausi2g-ttSeG2j3w6iq1lp7VAyZHGqgXZunrrH7blxT7KyO01Wg0mXd_tVj5VKpn_qjvYq1Lr1tMlyNq0oqeeqUhejIz1-Ujf8d-A5pf9fx0fu1hdolDchb5AE1g2aLHJY5FPQNVYSbbhFwSd8NjSteSK1ymNLkZ6r4C_5xqOTlBygqlhQMIzKd56ZYA-cUb7JJttAmk97N-Dpz6u4KzhwhQ-EEMcpFJsyHADfQ2uehZjoVjBnKGc9EPP1EIWIEHSdKIDLQgQShUIwBhG6wR5o5Dnaf0NTjHgLBJOEK12c65ZLxyAPNDNm9DLwD0jIymb1WBBqzWhyHf58-I5vZeDiYDfqjuyOyZblSrc_jmDTx3eAEUUAhTu3kfwHduqy3 |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2005+IEEE+Workshop+on+Information+Assurance+and+Security&rft.atitle=The+Honeynet+quarantine%3A+reducing+collateral+damage+caused+by+early+intrusion+response&rft.au=Toedtmann%2C+B.&rft.au=Riebach%2C+S.&rft.au=Rathgeb%2C+E.P.&rft.date=2005-01-01&rft.pub=IEEE&rft.isbn=9780780392908&rft.spage=464&rft.epage=465&rft_id=info:doi/10.1109%2FIAW.2005.1496003&rft.externalDocID=1496003 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9780780392908/lc.gif&client=summon&freeimage=true |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9780780392908/mc.gif&client=summon&freeimage=true |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=9780780392908/sc.gif&client=summon&freeimage=true |