Doing intrusion detection using embedded sensors -- Thesis proposal

Doing intrusion detection using embedded sensors -- Thesis proposal (2000)

Cached

Download Links

[www.cerias.purdue.edu]

by Diego Zamboni

Venue:

CERIAS, PURDUE UNIVESRITY. URLHTTPS://WWW.CERIAS.PURDUE.EDU/TECHREPORTS-SSL/PUBLIC/200021.PDF. THESIS PROPOSAL

BibTeX

@TECHREPORT{Zamboni00doingintrusion,
    author = {Diego Zamboni},
    title = {Doing intrusion detection using embedded sensors -- Thesis proposal},
    institution = {CERIAS, PURDUE UNIVESRITY. URLHTTPS://WWW.CERIAS.PURDUE.EDU/TECHREPORTS-SSL/PUBLIC/200021.PDF. THESIS PROPOSAL},
    year = {2000}
}

Bookmark

OpenURL

Abstract

Intrusion detection systems have usually been developed using large host-based components. These components impose an extra load on the system where they run (sometimes even requiring a dedicated system) and are subject to tampering or disabling by an intruder. Additionally, intrusion detection systems have usually obtained information about host behavior through indirect means, such as audit trails or network packet traces. This potentially allows intruders to modify the information before the intrusion detection system obtains it, making it possible for an intruder to hide his activities. In this document I propose work that will attempt to show that it is possible to perform intrusion detection using small sensors embedded in a computer system. These sensors will look for signs of specic intrusions. They will perform target monitoring by observing the behavior of the system directly, instead of through an audit trail or other indirect means. Furthermore, by being built in...

Citations

515	K: Irrelevant features and the subset selection problem - GH, Kohavi, et al.
457	A sense of self for unix processes - Forrest, Hofmeyr, et al. - 1996
363	An intrusion-detection model - Denning - 1986
314	event monitoring enabling responses to anomalous live disturbances - Porras, Neumann - 1997
237	Computer Security Threat Monitoring and Surveillance - Anderson
204	Network intrusion detection - Mukherjee, Heberlein, et al. - 1994
152	CA: Computer immunology - Forrest, Beauchemin
141	Temporal sequence learning and data reduction for anomaly detection - Lane, Brodley - 1999
128	An Architecture for Intrusion Detection using Autonomous Agents - Balasubramaniyan, Garcia-Fernandez, et al. - 1998
123	A network security monitor - HEBERLEIN, DIAS, et al. - 1990
123	Classification and detection of computer intrusions - Kumar - 1995
101	A survey of intrusion detection techniques - Lunt - 1993
83	GrIDS - A graph based intrusion detection system for large networks - Staniford-Chen, Cheung, et al. - 1996
81	The DIDS (distributed intrusion detection system) prototype - SNAPP, SMAHA, et al. - 1992
76	An Immunological Model of Distributed Detection and Its Application to Computer Security - HOFMEYR - 1999
67	Software Vulnerability Analysis - Krsul - 1998
65	Intrusion detection systems and multisensor data fusion,” in - Bass - 2000
63	An evening with Berferd in which a cracker is lured, endured, and studied - Cheswick - 1992
62	The architecture of a network level intrusion detection system.Technical report - Heady, Luger, et al. - 1990
61	Defending a computer system using autonomous agents - Crosbie, Spafford - 1995
60	Automated audit trail analysis and intrusion detection: A survey - LUNT - 1988
59	Artificial intelligence and intrusion detection: Current and future directions - Frank - 1994
59	NADIR “An automated system for detection network intrusion and misuse” , Cpmputers and Security - Jackson, Stallings, et al.
46	2001 CSI/FBI Computer Crime and Security Survey ", Computer Security Institute/Federal - Power - 2001
45	Anil Somayaji. Intrusion detection using sequences of system calls - Hofmeyr, Forrest
43	Active defense of a computer system using autonomous agents - Crosbie - 1995
38	Asax: Software architecture and rule-based language for universal audit trail analysis - Habra, Charlier, et al. - 1992
22	based intrusion detection - Garvey, Lunt - 1991
20	Distributed audit trail analysis - Mounji, Charlier, et al. - 1995
18	The application of neural networks to UNIX computer security - Tan - 1995
15	Requirements and model for IDES - a real-time intrusion detection expert system - Denning, Neumann - 1985
12	Multisensor data fusion for next generation distributed intrusion detection systems - BASS - 1999
10	A system for distributed intrusion detection - Snapp, Brentano, et al. - 1991
9	A Real-Time Intrusion Detection Expert - Lunt, Tamura, et al. - 1992
8	Vulnerability assessment and intrusion detection with dynamic software agents - Barnett, Vu - 1997
7	page at http://www.openbsd.org - Web - 1999
6	IDIOT—users guide - Crosbie, Dole, et al. - 1996
5	Mailing list archive. Web page at http://www.securityfocus.com - BugTraq - 1999
5	A Prototype IDES\| A Real-Time Intrusion Detection Expert System - Denning, Edwards, et al. - 1987
4	Development and application of IDES: A real-time intrusion-detection expert system - Lunt, Jagannathan, et al. - 1988
4	MerriamWebster OnLine: WWWebster Dictionary. http://www.m-w.com/dictionary - “intrusion” - 1998
4	vulnerabilities and exposures. Web page at http://cve.mitre.org, 1999–2000. 15 Biswanath - Common - 1994
4	page at http://www.securityfocus.com - Web - 1999
2	CERT/CC statistics. Web page at http://www.cert.org/stats/cert_stats. html - Center - 1999
2	Using clustering to detect abnormal behavior in a distributed intrusion detection system. Unreleased - Zamboni - 2001
1	CERT advisories. Web page at http://www.cert.org/advisories - Center - 1999