Proceedings Article
An Intrusion-Detection Model
Dorothy E. Denning
- pp 118-118
TL;DR: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract:
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.
Citations
Book Chapter
Monitoring mission critical data for integrity and availability
Michael Gertz, George Csaba +1 more
TL;DR: Data monitoring systems are introduced as an additional line of defense against external and internal security threats and provide IT personnel with effective means for specifying, detecting, and responding to anomalies of data and data accesses caused by users and applications.
Dissertation
Cooperative multi agents for intelligent intrusion detection and prevention systems / Shahaboddin Shamshirband
TL;DR: The significance of a cooperative detection mechanism for detecting distributed denial of service attacks in a timely and energy-efficient manner, accuracy of detection and defence, as well as false alarm rate is demonstrated.
Masquerader detection in mobile context based on behaviour and environment monitoring
TL;DR: A conceptual basis for differentiating between the legitimate user of the terminal and other individuals by analysing the information about user behaviour and environment is developed and the practical issue of applying it to the problem of mobile-masquerader detection is addressed.
Proceedings Article
Heterogeneous Fusion of IDS Alerts for Detecting DOS Attacks
Vrushank Shah, Akshai Aggarwal +1 more
TL;DR: In this paper, a method for heterogeneous alert fusion for detection of denial of service (DOS) attacks is proposed, which shows an increase in the detection rate of about 20% compared to signature-based IDS and 10% compared with anomaly-based IDS.
Journal Article
Intrusion-Miner: A Hybrid Classifier for Intrusion Detection using Data Mining
TL;DR: A hybrid classification approach, 'Intrusion-Miner', that uses two classifier algorithms for network anomaly detection is proposed to get optimum results and make it possible to detect network attacks.