Proceedings Article

An Intrusion-Detection Model

TL;DR: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.


Citations
Dissertation

Asymptotic Intrusion Detection System for Stealthy Intruders

Awais Yousaf
TL;DR: A physical layer intrusion detection system for Direct Sequence Spread Spectrum (DSSS) systems is developed against smart jammers to address the integrity and availability issues caused by smart jammers.

Game Theoretic, Multi-agent Approach to Network Traffic Monitoring

TL;DR: This area of research has a very high potential to produce relevant, deployable results within the next 5 years, based on the trend in the computational power of current processors, the average memory required for the computation, and the growing sophistication of methods for efficiently solving realistic IDS games.
Proceedings Article

A hybrid approach for intrusion-detection based on fuzzy GNP and probabilistic classification

TL;DR: This work describes a novel fuzzy genetic network programming (GNP) and probabilistic classification approach for detecting network intrusions, which can be flexibly applied to both misuse and anomaly detection in network-intrusion-detection problems.
Proceedings Article

Online Boosting Based Intrusion Detection in Changing Environments.

TL;DR: This paper proposes an online boosting-based intrusion detection method, which is capable of efficient online learning of new network intrusions and can be performed in real time with high detection accuracy.
Posted Content

Graph Analytics for anomaly detection in homogeneous wireless networks - A Simulation Approach.

TL;DR: The purpose of this research is to explore experimentally the relationship between the behavior of central nodes and anomaly detection when an attack spreads through a network, and to propose a novel anomaly detection approach which has been unexplored so far in communication networks.