Summary: | The use of internet by different types of devices causes a
large flow of confidential and/or personal informations. This
informations in the possession of criminals can cause extensive
damage to persons, institution and government. Due to this situation,
it is necessary to use computer security tools, such as Intrusion
Detection Systems (IDS). This work presents an IDS that can perform
the flow-based analysis (netflow). The proposed approach realizes an
analysis of malicious behaviors in flows that were previously collected,
and detected correctly three different types of malicious behavior. The
flow-based analysis was efficient to detecting malicious acts, moreover
the data number to be scanned of the proposed approach is
considerably smaller than the packet-based analysis.
|