L. Halme and B. Kahn. Building a security monitor with adaptive user work profiles. In Proceedings of the 11th National Computer Security Conference, Washington DC, October 1988.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....attacks and violations easily codi ed into security policies in a timely and ecient manner. Problems include a diculty in detecting previously unknown intrusions. If a database containing intrusion signatures is employed it must be updated frequently. Early in the research it was suggested in [6, 12] that the two main methods ought to be combined to provide a complete intrusion detection system capable of detecting a wide array of di erent computer security violations, including the ones listed above. At present, the many fundamental questions regarding intrusion detection remain largely ....

L. Halme and B. Kahn. Building a security monitor with adaptive user work proles. In Proceedings of the 11th National Computer Security Conference, Washington DC, Oct. 1988. 6

....the third person masculine pronoun, since the overwhelming majority of computer criminals (as is true of most other criminals in society) belong to that gender. 4 of the idea to process audit data for manifestations of already known intrusive behaviour. About the same time it was suggested [19, 40] that the two complimentary approaches of seeking anomalous activity based on some historic data, and searching for signatures of already known intrusions, should be employed in the same intrusion detection system, to better complement the relative strengths and weaknesses of the two approaches. ....

....approaches of seeking anomalous activity based on some historic data, and searching for signatures of already known intrusions, should be employed in the same intrusion detection system, to better complement the relative strengths and weaknesses of the two approaches. One of the papers ([19]) also suggested that this system be autonomous enough to be trusted to respond unsupervised to detected intrusions. Although the author of that paper recognised that much research was yet to be done before this goal could be attained. In summary: early research concerned itself with the question ....

L. Halme and B. Kahn. Building a security monitor with adaptive user work proles. In Proceedings of the 11th National Computer Security Conference, Washington DC, October 1988.

....(computer, user etc. suspect, and worthy of further investigation, and Policy detection Our term for the strategy of deciding in advance what type of behaviour is undesirable, and through the use of a default permit, or deny, policy, detecting intrusions. About the same time it was suggested in [HK88, Lun88] that the two main methods ought to be combined to provide a complete intrusion detection system, and that the resulting system should be made autonomous enough to be trusted to respond to detected intrusions unsupervised. The authors recognised that much research remained to be done ....

L. Halme and B. Kahn. Building a security monitor with adaptive user work profiles. In Proceedings of the 11th National Computer Security Conference, Washington DC, October 1988.

No context found.

L. Halme and B. Kahn. Building a security monitor with adaptive user work profiles. In Proceedings of the 11th National Computer Security Conference, Washington DC, October 1988.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC