R. Erbacher. Visual behavior characterization for intrusion detection in large scale systems, September 2001.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....should greatly improve the analyst s effectiveness by directing the analyst s focus on the true attacks, separating out isolated anomalies. 2 Background This work describes advancements to our prior research on the development of a visual intrusion monitoring and analyses environment [9, 10, 11]. This prior work was limited in that it was limited to a single monitored host, ignoring the correlation of distributed activity within a network environment, only provided a single visualization technique, and was extremely limited in its application of interaction capabilities. The current ....

....occurred. The analyst can start with anomalies, quickly identify what information is available in correlation with the anomaly, and from there identify the activities that actually led to successful intrusions. As discussed in our prior work, much of this task relates to behavior analyses [11], typical of forensics, as we must identify why an individual may have been performing a set of tasks to determine if a substantive thread is being followed or not. While this paper discusses the application of our environment to forensic analysis, the environment is also applicable to online ....

Robert F. Erbacher, "Visual Behavior Characterization for Intrusion Detection in Large Scale Systems," Proceedings of the IASTED International Conference On Visualization, Imaging, and Image Processing, Marbella, Spain, September 3 - 5, 2001, pp. 54-59.

No context found.

R. Erbacher. Visual behavior characterization for intrusion detection in large scale systems, September 2001.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC