Teresa F. Lunt. Real-Time Intrusion Detection. In Proceedings of COMPCON Spring '89, San Francisco, CA, February 1989.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....When a hacker attacks a system, the ideal response would be to stop his activity before he can cause any damage or access to any sensitive information. This would require recognition of the attack as it takes place. Different models of intrusion detection have been developed [6] 9] 10] [11], and many IDS software are available for use. Commercial IDS products such as NetRanger, RealSecure, and Omniguard Intruder alert work on attack signatures. These signatures needed to be updated by the vendors on a regular basis in order to protect from new types of attacks. However, no detection ....

Lunt, T.F.: Real-Time Intrusion Detection. Technical Report Computer Science Journal (1990)

....patterns in audit data, rather than statis tical formulas. In 1985, Denning and Neumann presented a detailed dis cussion of statistical profile based anomaly detection [5] Perhaps the best known statistical profile based anomaly detection system is the Intrusion Detection Expert System (IDES) [17], 19] 20] The profile based anomaly com ponent of this system identifies expected behavior at the The longer the duration, the more accurate the study. user, group, remote host and target system levels. For an in depth discussion of IDES, the reader is referred to [12] Two example intrusion ....

T.F. Lunt, "Real-Time Intrusion Detection," Proceedings COM- PCON, San Francisco, CA, February 1989.

....is currently an active research area. The rising complexity of today To appear in the ISOC 95 Symposium on Network and Distributed System Security. networks leads to more elaborate patterns of attacks. Previous works for stand alone computer security have established basic concepts and models [3, 4, 5, 7, 8] and described a few operational systems [1, 6, 9, 12, 18] However, distributed analysis of audit trails for network security is needed because of the two following facts. First, the correlation of user actions taking place at different hosts could reveal a malicious behavior while the same ....

T. F. Lunt, Real Time Intrusion Detection. Proceedings of the COMPCON spring 89', San Francisco, CA, February 1989.

....and assess how the system can possibly be compromised. In other words, configuration analysis systems provide a snapshot of the security level by reporting a list of found flaws. A great deal of research efforts have been devoted to establishing the foundations of intrusion detection systems [1, 3, 4] and a few operational systems have been developed [2, 7, 8, 10] Many researchers have built effective access control configuration analysis systems [9, 13] and more recently, 14] analyzes network access control configuration. In the framework of intrusion detection, we developed ASAX (Advanced ....

T. F. Lunt, Real Time Intrusion Detection. Proceedings of the COMPCON spring 89', San Francisco, CA, February 1989.

No context found.

Teresa F. Lunt. Real-Time Intrusion Detection. In Proceedings of COMPCON Spring '89, San Francisco, CA, February 1989.

No context found.

Lunt, T.F. (1989). Real-Time Intrusion Detection. Computer Security Journal Vol. VI, Number 1. pp. 9-14.

No context found.

T.F. Lunt, "Real Time Intrusion Detection", Proceedings of the COMPCON spring 89', San Fransisco, CA, February, 1989.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC