Results 1 - 10 of 7,045
An intrusion-detection model
- IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
, 1987
"... A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of sy ..."
Cited by 639 (0 self)
Snort - Lightweight Intrusion Detection for Networks
, 1999
"... Permission is granted for noncommercial reproduction of the work for educational or research purposes. ..."
Cited by 1142 (1 self)
Data Mining Approaches for Intrusion Detection,
- in the 7th USENIX Security Symposium,
, 1998
"... In this paper we discuss our research in developing general and systematic methods for intrusion detection. The key ideas are to use data mining techniques to discover consistent and useful patterns of system features that describe program and user behavior, and use the set of relevant sys ..."
Cited by 435 (23 self)
Intrusion Detection via Static Analysis
, 2001
"... One of the primary challenges in intrusion detection is modelling typical application behavior, so that we can recognize attacks by their atypical effects without raising too many false alarms. We show how static analysis may be used to automatically derive a model of application behavior. The resul ..."
Cited by 352 (1 self)
Intrusion Detection in Wireless Ad-Hoc Networks
, 2000
"... As the recent denial-of-service attacks on several major Internet sites have shown us, no open computer network is immune from intrusions. The wireless ad-hoc network is particularly vulnerable due to its features of open medium, dynamic changing topology, cooperative algorithms, lack of centralized ..."
Cited by 415 (4 self)
of centralized monitoring and management point, and lack of a clear line of defense. Many of the intrusion detection techniques developed on a fixed wired network are not applicable in this new environment. How to do it differently and effectively is a challenging research problem. In this paper, we first examine
A data mining framework for building intrusion detection models. In:
- IEEE Symposium on Security and Privacy,
, 1999
"... There is often the need to update an installed Intrusion Detection System (IDS) ..."
Cited by 349 (22 self)
INTRUSION DETECTION By
, 2014
"... This thesis addresses the use of a semi-supervised learning (SSL) method in an intrusion detection setting. Specifically, this thesis illustrates the potential benefits and difficulties of using a cluster-then-label (CTL) SSL approach to classify stealth scanning in network flow metadata. A series o ..."
A Virtual Machine Introspection Based Architecture for Intrusion Detection
- In Proc. Network and Distributed Systems Security Symposium
, 2003
"... Today's architectures for intrusion detection force the IDS designer to make a difficult choice. If the IDS resides on the host, it has an excellent view of what is happening in that host's software, but is highly susceptible to attack. On the other hand, if the IDS resides in the network, ..."
Cited by 423 (5 self)
Intrusion Detection using Sequences of System Calls
- Journal of Computer Security
, 1998
"... A method is introduced for detecting intrusions at the level of privileged processes. Evidence is given that short sequences of system calls executed by running processes are a good discriminator between normal and abnormal operating characteristics of several common UNIX programs. Normal behavio ..."
Cited by 396 (15 self)
Intrusion Detection
, 2007
"... The Anomaly Processor in Hardware for Intrusion Detection (APHID) is a step forward in the field of co-processing intrusion detection mechanism. By using small, fast hardware primitives APHID relieves the production CPU from the burden of security processing. These primitives are tightly coupled to ..."