Proceedings Article

An Intrusion-Detection Model

TL;DR: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.
Abstract
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.

Citations
Proceedings Article

A New Agent-Based Approach towards Distributed IP Measurements

TL;DR: This paper provides an introduction into the CMT II architecture, its measurement possibilities and the supported analysis methods.

The Privacy Issue for Pseudonymized Customers in the Smart Grid.

TL;DR: This is a short overview of the privacy issues for customers in the Smart Grid infrastructure, where it is possible to analyse the daily routine of a person as well as to create a movement profile of his electrical vehicle or to get some information about his preferences or issues.

Intelligent Data Leak Detection Through Behavioural Analysis

TL;DR: A solution to detect data leaks in an intelligent and furtive way through a real time analysis of the user’s behaviour while handling classified information is discussed.
Proceedings Article

On the Self-Similarity of the 1999 DARPA/Lincoln Laboratory Evaluation Data.

Kun Huang, +1 more
TL;DR: It is indicated that the evaluation data clearly exhibits self-similarity during the preceding tens-of-hours period, but not during other time periods, which can help evaluators to understand and use the 1999 DARPA/Lincoln Laboratory evaluation data well to evaluate IDSs.