T. Lunt and R. Jagannathan, A Prototype Real-time Intrusion-detection System, IEEE Symposium on Security and Privacy, Oakland, CA, May 1988
....to provide sufficient security for a computer system, intrusion detection techniques are introduced as a second line of defense [2, 8]. Early intrusion detection system (IDS) models were designed to monitor the activities of a single host. Such models include Haystack [12] and SRI's IDES [5, 7]. Later models accommodated the monitoring of a number of hosts interconnected via a network. Examples include University of California Davis Network Security Monitor [4] and DIDS [13]. More recent models, such as UC Davis GrIDS [14], UC Santa Barbara's NetSTAT [15], Purdue's AAFID [1] and ....
T. Lunt and R. Jagannathan, A Prototype Real-time Intrusion-detection System, IEEE Symposium on Security and Privacy, Oakland, CA, May 1988
....highly correlated to abnormal behavior exhibited by either a user or an application. The basic idea is to baseline normal behavior of the object being monitored and then flag behaviors that are significantly different from this baseline as abnormalities, or possible intrusions. See [Lunt, 1993, Lunt and Jagannathan, 1988, Lunt, 1990, Lunt et al. 1992, D'haeseleer et al. 1996, Porras and Neumann, 1997] for sources on anomaly detection approaches. The most significant disadvantage of misuse detection approaches is that they will only detect the attacks for which they are trained to detect. Novel attacks or even ....
Lunt, T. and Jagannathan, R. (1988). A prototype real-time intrusion-detection system. In Proceedings of the 1988 IEEE Symposium on Security and Privacy.
....characteristic pings to the range of network services across many machines. Today, there are generally two types of intrusion detection systems: anomaly detection and misuse detection. Anomaly detection approaches attempt to detect intrusions by noting significant departures from normal behavior [7, 5, 20, 18, 15, 17, 16]. Misuse detection techniques attempt to model attacks on a system as specific patterns, then systematically scan the system for occurrences of these patterns [22, 14, 10, 9, 19]. This process involves a specific encoding of previous behaviors and actions that were deemed intrusive or malicious. ....
T.F. Lunt and R. Jagannathan. A prototype real-time intrusion-detection system. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, April 1988.
....behavior exhibited by either a user or network traffic. The main advantage of anomaly detection over misuse detection approaches is that novel attacks against systems can be detected by noting abnormal behavior. As a result, anomaly detection approaches are particularly popular among researchers [1, 9, 10, 8, 11]. One of the key problems with commercial intrusion detection tools is that most rely on misuse detection or signature analysis to detect intrusion attempts. Because these techniques attempt to match monitored data with patterns stored in databases, attacks that do not conform with known attack ....
T.F. Lunt and R. Jagannathan. A prototype real-time intrusion-detection system. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, April 1988.
....and detect suspicious behavior as it occurs. This system, known as IDES (Intrusion Detection Expert System) is based on the approach that intrusions, whether successful or attempted, can be detected by flagging departures from historically established norms of behavior for individual users [11, 12]. Another real time approach, called keystroke dynamics, is based on measurements of certain characteristics, such as typing speed, of a user's keyboard activity. Keystroke dynamics has been found to be a powerful means of continuously verifying the identity of the user doing the typing. For ....
....jobs, the user would encode the rules in what Karger calls a special directory tree, which would enumerate the objects on which the program is expected to operate. 3.2 IDES SRI International is developing a prototype intrusion detection system called IDES (Intrusion Detection Expert System) [11, 12]. The goal of IDES is to provide a system-independent mechanism for real time detection of all types of security violations, whether they are initiated by outsiders who attempt to break into a system or by insiders who attempt to misuse the privileges of their accounts. The IDES approach is based ....
[Article contains additional citation context not shown here]
T. F. Lunt and R. Jagannathan. A prototype real-time intrusion-detection system. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, April 1988.
No context found.
T. Lunt and R. Jagannathan, A prototype real-time intrusion detection system, IEEE Symp. on Computer Security and Privacy, 1988.