Proceedings Article
An Intrusion-Detection Model
Dorothy E. Denning
- pp 118-118
TLDR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract:
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.
Citations
Dissertation
A Hybrid Approach to improve the Anomaly Detection Rate Using Data Mining Techniques
Priya Bansal, Deepak Garg +1 more
Data collection for information security system
TL;DR: A new approach to collecting useful data from the network is proposed, based on new components called observers; the approach is presented and its different components are described in detail.
Dissertation
Network Intrusion Classification Employing Machine Learning: A Survey
TL;DR: This thesis gives an overview of different intrusion detection systems, a statistical comparison based on different classifiers such as single, hybrid and ensemble learning, and the best machine learning classifiers, best datasets and some feature selection processes.
Dissertation
The Extended Maurer Model: Bridging Turing-Reducibility and Measure Theory to Jointly Reason about Malware and its Detection
TL;DR: This dissertation presents a formal framework termed the extended Maurer model (EMM) and applies this framework to develop a game-theoretic model of the malware authors versus system defenders confrontation.