Proceedings Article

An Intrusion-Detection Model

TL;DR: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described, based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage.

Abstract
A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.


Citations

Proceedings Article

A unique approach to design an intrusion detection system using an innovative string searching algorithm and DNA sequence

TL;DR: A novel string searching algorithm is proposed and an Intrusion Detection System using this algorithm is implemented, using a dataset of five thousand records from the KDD Cup dataset to evaluate the efficacy of the proposed IDS.

An Adaptive Intrusion Detection and Defense System based on Mobile Agents

TL;DR: This paper presents a distributed intrusion detection system based on mobile agents that detect intrusion from outside the network segment as well as from inside, and presents partial results obtained from an early prototype and a discussion of design and implementation issues.

Book Chapter

An asynchronous node replication attack in wireless sensor networks

TL;DR: It is shown in this paper that the distributed detection protocol presented by Parno et al. is vulnerable to an asynchronous node replication attack, and the protocol is modified to make it secure for dynamic WSNs supporting node mobility.

Proceedings Article

A New Similarity Measure for the Anomaly Intrusion Detection

TL;DR: A new similarity measure that can be applied to anomaly intrusion detection by using weighted complete bipartite graphs and that fulfills the set of rules defined for any similarity measure.

Proceedings Article

DoS attacks prevention using IDS and data mining

TL;DR: This paper discussed DoS prevention using a firewall and IDS and different approaches to IDS using data mining techniques, and used the NSL-KDD dataset, a refined version of the KDD'99 Cup data set, for applying data mining algorithms and testing.