G. Liepens and H. Vaccaroo. Intrusion Detection: Its role and Validation. Computer & Security 11 (1992) 347-355.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the Defense Advanced Research Projects Agency, Rome Laboratory or the U.S. Government. Intrusion Detection 2 02 09 00 that essentially catalog different systems [Anderson80, Cannaday96, Liepens92, Lunt93b, Kumar94, Smaha94]. In this survey we attempt to determine the fundamental approaches and describe the essence of each approach. To be concrete, we use existing implementations to illustrate the mechanics of implementation of each approach. Intrusion detection involves determining that some entity, an intruder, has ....

Liepens, G. and H. Vaccaroo. "Intrusion Detection: Its Role and Validation." Computer & Security 11 (1992) 347-355.

....of the system. Selecting a set of dynamic behavioral characteristics to monitor is a key design decision for an IDS, one which will influence the types of analyzes that can be performed and the amount of data that will be collected. Most systems (for example, IDES NIDES [30, 31, 4] Wisdom Sense [29] and TIM [35] collect profiles of user behavior, generated by audit logs. Other systems look at network traffic, for example, NSM and the system presented in [19] Other approaches attempt to characterize the behavior of privileged processes, as in the program specification method [26] Different ....

G. Liepins and H. Vaccaro. Intrusion detection: Its role and validation. Computeres and Security, 11:247--355, 1992.

....always coincide with anomalous behavior. There are four possibilities, each one with a non zero probability: 1: intrusive but not anomalous 2: not intrusive but anomalous 3: not intrusive and not anomalous 4: intrusive and anomalous For a probabilistic basis of intrusion detection see [LV89, LV92] Most intrusion detection systems built to date [BK88, Sma88, LJL 89, SSHW88, LV89, LJL 89] etc. use 3 APPROACHES TO DETECTING INTRUSIONS 4 the audit trail generated by a C2 1 or higher rated computer, for input. Others, for example [HLMS90, HLM91] analyze intrusions by the network ....

G. E. Liepins and H. S. Vaccaro. Intrusion Detection: Its Role and Validation. Computers & Security, pages 345--355, 1992.

....the system. Selecting a set of dynamic behavioral characteristics to monitor is a key design decision for an IDS, one which will influence the types of analyses that can be performed and the amount of data that will be collected. Most systems (for example, IDES NIDES [34] 35] 5] Wisdom Sense [33] and TIM [39] collect profiles of user behavior, generated by audit logs. Other systems look at network traffic, for example, NSM and the system presented in [23] Other approaches attempt to characterize the behavior of privileged processes, as in the program specification method [30] Different ....

Liepens G, Vaccaro H. Intrusion Detection: Its Role and Validation. Computers and Security, 11: 347 - 355, 1992.

No context found.

G. Liepens and H. Vaccaroo. Intrusion Detection: Its role and Validation. Computer & Security 11 (1992) 347-355.

No context found.

G.E. Liepins and H.S. Vaccaro. Intrusion Detection: Its Role and Validation. Computers and Security, pages 347--355, 1992.

No context found.

Liepins, G. and Vaccaro, H. (1992). Intrusion Detection: Its Role and Validation. Computers and Security, 11:347355.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC