Proceedings Article
An Intrusion-Detection Model
Dorothy E. Denning
- pp 118-118
TLDR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract:
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.
Citations
Adaptive Anomaly Detection for Network Security
Kamini Nalavade, Bandu B. Meshram +1 more
TL;DR: This paper is an attempt to provide a structured and comprehensive overview of research on anomaly detection techniques, and the different aspects and approaches for anomaly detection are described.
Proceedings Article
Identifying Harmful Web Pages in Laboratory Information Security Management
TL;DR: A laboratory information security management system and a harmful information identification algorithm to determine the original harmful web page are introduced.
Dissertation
A Protocol-Specific Constraint-Based Intrusion Detection System
TL;DR: Constraints compared to IDS rules possess better expressiveness to describe a network behavior for defending the network against different attacks, and evaluating constraints in an efficient manner is a key to achieving a better IDS.
Dissertation
An adaptive approach to detecting behavioural covert channels in IPv6
TL;DR: A novel Hybrid Heuristic Intelligent Algorithm coupled with enhanced Polynomial Naive Bayes machine learning algorithm is implemented in a supervised learning model to detect and classify covert channels in IPv6 and acts as an active security warden processing intelligent information gain and optimized decision trees technique to improve the security vulnerabilities in this new network generation protocol.
Statistical Problems with Statistical-based Intrusion Detection
TL;DR: The statistics behind statistical-based detection can lead to some unintuitive results, from surprisingly high numbers of false alarms to the potential of making a site less secure.