A revised taxonomy for intrusion-detection systems

Authors: Andreas Wespi, Marc Dacier, Hervé Debar

DOI: 10.1007/BF02994844

Keywords: Vulnerability assessment, Information system, Exploit, Computer science, Knowledge base, Secure state, Computer security, Taxonomy (general), Intrusion detection system, Telecommunications network

Abstract: Intrusion-detection systems aim at detecting attacks against computer and networks, or in general information systems. Indeed, it is difficult to provide provably secure maintain them such a state during their lifetime utilization. Sometimes, legacy operational constraints do not even allow the definition of fully system. Therefore, intrusion-detection have task monitoring usage detect apparition insecure states. They attempts active misuse, either by legitimate users external parties, abuse privileges exploit security vulnerabilities. In previous paper [Computer networks 31, 805–822 (1999)], we introduced taxonomy that highlights various aspects this area. This extends beyond real-time intrusion include additional monitoring, as vulnerability assessment.

References (37)
Alfonso Valdes, Phillip A. Porras, Live Traffic Analysis of TCP/IP Gateways. Network and Distributed System Security Symposium. (1998)
Paul Helman, Wynette Richards, Gunar E. Liepins, Foundations of Intrusion Detection. IEEE Computer Security Foundations Symposium. pp. 114-120 (1992)
Stephen E. Hansen, E. Todd Atkins, Automated System Monitoring and Notification With Swatch. USENIX Large Installation Systems Administration Conference. pp. 145-152 (1993)
Eugene H. Spafford, Daniel Farmer, The COPS Security Checker System. USENIX Summer. pp. 165-170 (1990)
Magnus Almgren, Marc Dacier, Hervé Debar, A Lightweight Tool for Detecting Web Server Attacks. Network and Distributed System Security Symposium. (2000)
C.A. Stallings, K.A. Jackson, D.H. Dubois, An expert system application for network intrusion detection. (1991)
Vern Paxson, Bro: a system for detecting network intruders in real-time. Computer Networks. vol. 31, pp. 2435-2463 (1999), 10.1016/S1389-1286(99)00112-7
Stephen E. Smaha, Terrance L. Goan, James Brentano, Daniel M. Teal, Karl N. Levitt, Biswanath Mukherjee, Steven R. Snapp, L. Todd Heberlein, Gihan V. Dias, Tim Grance, Che-Lin Ho, Doug Mansur, DIDS (distributed intrusion detection system): motivation, architecture, and an early prototype. Internet besieged. pp. 211-227 (1997)
Marcus J. Ranum, Andrew Lambeth, Michael T. Stolarchuk, Kent Landfield, Mark Sienkiewicz, Eric Wall, Implementing a Generalized Tool for Network Monitoring. USENIX Large Installation Systems Administration Conference. pp. 1-8 (1997)