CiteSeerX — Search Results — intrusion detection

Results 1 - 10 of 7,045

An intrusion-detection model

by Dorothy E. Denning - IEEE TRANSACTIONS ON SOFTWARE ENGINEERING , 1987

"... A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of sy ..."

Abstract - Cited by 639 (0 self) - Add to MetaCart

A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns

Snort - Lightweight Intrusion Detection for Networks

by Martin Roesch, Stanford Telecommunications , 1999

"... Permission is granted for noncommercial reproduction of the work for educational or research purposes. ..."

Abstract - Cited by 1142 (1 self) - Add to MetaCart

Permission is granted for noncommercial reproduction of the work for educational or research purposes.

Data Mining Approaches for Intrusion Detection,

by Wenke Lee , Salvatore J Stolfo - in the 7th USENIX Security Symposium, , 1998

"... Abstract In this paper we discuss our research in developing general and systematic methods for intrusion detection. The key ideas are to use data mining techniques to discover consistent and useful patterns of system features that describe program and user behavior, and use the set of relevant sys ..."

Abstract - Cited by 435 (23 self) - Add to MetaCart

Abstract In this paper we discuss our research in developing general and systematic methods for intrusion detection. The key ideas are to use data mining techniques to discover consistent and useful patterns of system features that describe program and user behavior, and use the set of relevant

Intrusion Detection via Static Analysis

by David Wagner, Drew Dean , 2001

"... One of the primary challenges in intrusion detection is modelling typical application behavior, so that we can recognize attacks by their atypical effects without raising too many false alarms. We show how static analysis may be used to automatically derive a model of application behavior. The resul ..."

Abstract - Cited by 352 (1 self) - Add to MetaCart

One of the primary challenges in intrusion detection is modelling typical application behavior, so that we can recognize attacks by their atypical effects without raising too many false alarms. We show how static analysis may be used to automatically derive a model of application behavior

Intrusion Detection in Wireless Ad-Hoc Networks

by Yongguang Zhang, Wenke Lee , 2000

"... As the recent denial-of-service attacks on several major Internet sites have shown us, no open computer network is immune from intrusions. The wireless ad-hoc network is particularly vulnerable due to its features of open medium, dynamic changing topology, cooperative algorithms, lack of centralized ..."

Abstract - Cited by 415 (4 self) - Add to MetaCart

of centralized monitoring and management point, and lack of a clear line of defense. Many of the intrusion detection techniques developed on a xed wired network are not applicable in this new environment. How to do it dierently and effectively is a challenging research problem. In this paper, we rst examine

A data mining framework for building intrusion detection models. In:

by Wenke Lee , Salvatore J Stolfo , Kui W Mok - IEEE Symposium on Security and Privacy, , 1999

"... Abstract There is often the need to update an installed Intrusion Detection System (IDS) ..."

Abstract - Cited by 349 (22 self) - Add to MetaCart

Abstract There is often the need to update an installed Intrusion Detection System (IDS)

INTRUSION DETECTION By

by Benjamin H. Klimkowski , 2014

"... This thesis addresses the use of a semi-supervised learning (SSL) method in an intrusion detection setting. Specifically, this thesis illustrates the potential benefits and difficulties of using a cluster-then-label (CTL) SSL approach to classify stealth scanning in network flow metadata. A series o ..."

Abstract - Add to MetaCart

This thesis addresses the use of a semi-supervised learning (SSL) method in an intrusion detection setting. Specifically, this thesis illustrates the potential benefits and difficulties of using a cluster-then-label (CTL) SSL approach to classify stealth scanning in network flow metadata. A series

A Virtual Machine Introspection Based Architecture for Intrusion Detection

by Tal Garfinkel, Mendel Rosenblum - In Proc. Network and Distributed Systems Security Symposium , 2003

"... Today's architectures for intrusion detection force the IDS designer to make a difficult choice. If the IDS resides on the host, it has an excellent view of what is happening in that host's software, but is highly susceptible to attack. On the other hand, if the IDS resides in the network, ..."

Abstract - Cited by 423 (5 self) - Add to MetaCart

Today's architectures for intrusion detection force the IDS designer to make a difficult choice. If the IDS resides on the host, it has an excellent view of what is happening in that host's software, but is highly susceptible to attack. On the other hand, if the IDS resides in the network

Intrusion Detection using Sequences of System Calls

by Steven A. Hofmeyr, Stephanie Forrest, Anil Somayaji - Journal of Computer Security , 1998

"... A method is introducted for detecting intrusions at the level of privileged processes. Evidence is given that short sequences of system calls executed by running processes are a good discriminator between normal and abnormal operating characteristics of several common UNIX programs. Normal behavio ..."

Abstract - Cited by 396 (15 self) - Add to MetaCart

A method is introducted for detecting intrusions at the level of privileged processes. Evidence is given that short sequences of system calls executed by running processes are a good discriminator between normal and abnormal operating characteristics of several common UNIX programs. Normal

Intrusion Detection

by Samuel Hart, Maj Paul, D. Williams, Phd (chairman Date , 2007

"... The Anomaly Processor in Hardware for Intrusion Detection (APHID) is a step forward in the field of co-processing intrusion detection mechanism. By using small, fast hardware primitives APHID relieves the production CPU from the burden of se-curity processing. These primitives are tightly coupled to ..."

Abstract - Add to MetaCart

The Anomaly Processor in Hardware for Intrusion Detection (APHID) is a step forward in the field of co-processing intrusion detection mechanism. By using small, fast hardware primitives APHID relieves the production CPU from the burden of se-curity processing. These primitives are tightly coupled

Results 1 - 10 of 7,045

Tools