Proceedings Article
An Intrusion-Detection Model
Dorothy E. Denning
- pp 118-118
TL;DR: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract:
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.
Citations
Journal Article
An engineering approach to secure system analysis, design, and integration
TL;DR: A system security engineering (SSE) methodology is used within the Secure Systems Engineering Department of AT&T Bell Laboratories during the analysis, design, and integration of computer and network systems.
Proceedings Article
An Intrusion Detection Approach Using An Adaptative Parameter-Free Algorithm
TL;DR: This paper proposes to adapt TRIBES to solve the combinatorial optimization intrusion detection problem from audit security and shows the good behavior of this approach.
An Artificial Neural Network-based Decision-Support System for Integrated Network Security
TL;DR: The GTERS is shown to effectively encode an arbitrary policy with 99.7% accuracy based on five threat-severity levels and achieves a generalization accuracy of 96.35% using four distinct participants and 9-fold cross-validation.
New Approaches to Smart Grid Security with SCADA Systems
TL;DR: A consensus estimation strategy is proposed to estimate the dynamic states of the power grid, based on which unobservable attacks can be effectively detected and improves the detection results of the Stuxnet worm attack.
Designing unsupervised intrusion detection for SCADA systems
TL;DR: Supervisory Control and Data Acquisition (SCADA) systems have been introduced to control and monitor industrial processes and daily critical infrastructures such as electric power generation, water distribution and waste water collection systems.