Proceedings Article
An Intrusion-Detection Model
Dorothy E. Denning
- pp 118-118
TLDR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract:
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.
Citations
Understanding Usability-related Information Security Failures in a Healthcare Context
TL;DR: The water needs of this region have changed in recent years from being primarily for agricultural purposes to domestic and industrial uses now, and the needs of the tourism industry have changed as well.
A Novel Cooperative Intrusion Detection System for Mobile Ad Hoc Networks
TL;DR: The following lists the main characters from the film version of The God of Small Things, which was released in cinemas around the world in 2016.
Dissertation
Representing Statistical Network-Based Anomaly Detection by Using Trust
TL;DR: This dissertation shows how well the trust management scheme can represent the results of various statistical analyses and how the system can find appropriate thresholds for classifying malicious behaviors, and presents the experimental results.
Dissertation
Hierarchical TCP network traffic classification with adaptive optimisation
TL;DR: This thesis aims to optimise network traffic classification based on the statistical approach, focusing on traffic carried over the TCP protocol, and proposes an architecture for improving classification performance in terms of accuracy and response time.
Proceedings Article
An Expectation Maximization Approach to Detecting Compromised Remote Access Accounts
TL;DR: A method is presented for detecting when a user's remote access account has been compromised, in such a way that an attacker model can be learned during operations; results are presented on a medium-sized enterprise network of over two thousand users.