Proceedings Article

An Intrusion-Detection Model

TLDR
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.


Citations
Proceedings Article

Component-Based Malicious Software Engineer Intrusion Detection

TL;DR: This paper focuses on detecting malicious code in a component that intrudes on security-sensitive information in other components of an application, and on an application system monitor designed to detect intrusion between components using the business process encapsulated in the monitor(s).
Proceedings Article

Attack detection in active queue management within large-scale networks control system with information of network and physical system

TL;DR: This paper describes how an attacker can cause Denial of Service (DoS) in active queue management, designs a Network Intrusion Detection System (NIDS) using UIO and a fluid flow model, and then fuses information from the NIDS and Host Intrusion Detection Systems (HIDS).
Dissertation

Network access and admission restriction using traffic monitoring and vulnerability detection

TL;DR: The proposed model holds that it is not the machine but the application running on that host that is potentially vulnerable or infected, so the access control policy focuses on the process rather than the gross level of the host, and is designed to keep compromised applications separate from clean applications.
Dissertation

Improving Intrusion Prevention, Detection and Response

TL;DR: A set of 16 proposed HCI-S usability criteria, inspired by previous literature in the field of HCI, that can be used to design and assess security alerts issued by any Internet security suite.
Dissertation

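Security supervision for mobile ad hoc networks: a lightweight, robust, and reliable intrusion detection system (original title: Supervision de la sécurité pour des réseaux ad hoc mobiles : un système léger, robuste, et fiable de détection d'intrusion)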

TL;DR: This thesis proposes a lightweight and robust Intrusion Detection System (IDS) dedicated to protecting MANETs, and couples it with an entropy-based trust model that assigns, based on their unlawful participation in the detection, a low trustworthiness to the misbehaving nodes.