
A Building Block Approach to Intrusion Detection (2001)
Mark J. Crosbie, Benjamin A. Kuperman



View or download:
raidsymposium.org...erman_raid2001.pdf

From:  raidsymposium.org/Raid2001/pa...

Abstract: This paper details the design and implementation of a host-based intrusion detection system (Hewlett-Packard's Praesidium IDS/9000) and a specialized kernel data source which supplies customized data to the IDS. Instead of the common attack-signature matching used in most other intrusion detection systems, IDS/9000 performs real-time monitoring of the system looking for misuse actions that are indicative of either attack or system policy violations. These misuse actions are called building...

Active bibliography (related documents):
0.5:   Generation of Application Level Audit Data via Library.. - Kuperman, Spafford (1999)
0.5:   Computer Vulnerability Analysis - Krsul (1997)
0.4:   Identification of Host Audit Data to Detect Attacks on.. - Daniels, Spafford (1998)

Similar documents based on text:
0.3:   Using Embedded Sensors for Detecting Network Attacks - Eugene (2000)
0.3:   Penetration Analysis of a XEROX Docucenter DC 230ST.. - Daniels, Kuperman.. (1999)
0.3:   Doing Intrusion Detection Using Embedded Sensors - Zamboni (2000)

BibTeX entry:

@misc{ crosbie01building,
  author = "Mark J. Crosbie and Benjamin A. Kuperman",
  title = "A Building Block Approach to Intrusion Detection",
  url = "citeseer.ist.psu.edu/crosbie01building.html" }

Citations (may not include all citations):
121   An intrusion detection model - Denning - 1987
121   Network intrusion detection - Mukherjee, Heberlein et al. - 1994
76   Trusted Computer Systems Evaluation Criteria - of - 1983
59   Practical UNIX Security - Garfinkel, Spafford - 1991
52   Checking for Race Conditions in File Accesses - Bishop, Dilger - 1996
51   and Denial of Service: Eluding Network Intrusion Detection - Ptacek, Newsham et al. - 1998
51   Cryptography and Data Security - Robling - 1982
50   The design and implementation of tripwire: A file system int.. - Kim, Spafford - 1994
41   The sri ides statistical anomaly detector - Javitz, Valdes - 1991
30   The Architecture of a Network-level Intrusion Detection Syst.. - Heady, Luger et al. - 1990
25   A hardware architecture for implementing protection rings - Schroeder, Saltzer - 1972
24   Operating System Penetration - Linde - 1975
20   A taxonomy of computer program security flaws - Landwehr, Bull et al. - 1994
17   Software Vulnerability Analysis - Krsul - 1998
15   Use of a taxonomy of security faults - Aslam, Krsul et al. - 1996
12   A Taxonomy of UNIX System and Network Vulnerabilities - Bishop - 1995
9   A Taxonomy of Common Computer Security Vulnerabilities based.. - Kumar, Spafford - 1994
9   and Anil Somayaji - Forrest, Hofmeyr - 1997
8   Host-Based Misuse Detection and Conventional Operating Syste.. - Price - 1997
8   A Critical Analysis of Vulnerability Taxonomies - Bishop, Bailey - 1995
7   Computer vulnerability analysis - Krsul, Spafford et al. - 1998
5   A Pattern Matching Approach to Misuse Intrusion Detection - Kumar - 1995
1   Commands Reference - tcbck, computing et al. - 1995
1   Better logging through formality - Flack, Atallah - 2000
1   URL httpwww - Performance, URL et al. - 2001
1   URL httpcassandra - Education, Information et al. - 2001
1   A Guide to Understanding Audit In Trusted Systems - of
1   Experiences in Specifications: Learning to Live With Ambigui.. - Crosbie, Kuperman - 2001
1   URL ftp://ftp - Posted, September - 1994
1   URL http: //icat - of, Technology et al. - 2001
http://www.courtesan.com/sudo/

Documents on the same site (http://www.raid-symposium.org/Raid2001/papers/):
A Framework for Distributed Intrusion Detection using.. - Gopalakrishna, Spafford (2001)
Translating Snort rules to STATL scenarios - Eckmann (2001)
An Achilles' Heel in Signature-Based IDS: Squealing False.. - Patton, Yurcik, Doss (2001)
