Using internal sensors for computer intrusion detection

Authors: Eugene H. Spafford, Diego Zamboni

Abstract: This dissertation introduces the concept of using internal sensors to perform intrusion detection in computer systems. It shows its practical feasibility and discusses characteristics and related design and implementation issues. We introduce a classification of data collection mechanisms for intrusion detection. At a conceptual level, these are classified as direct and indirect monitoring. Monitoring can be implemented with external or internal sensors. Internal sensors provide advantages with respect to reliability, completeness, timeliness and volume of data, in addition to efficiency and resistance against attacks. We introduce an architecture called ESP, a framework for building intrusion detection systems based on internal sensors. We describe in detail a prototype and embedded detectors, a mechanism for localized data reduction. We show that it is possible to build both specific (specialized for a certain intrusion) and generic (able to detect different types of intrusions) detectors. Furthermore, we information about places most effective detecting Finally, performance testing impact have system. Detection capability significant percentage new

References (29)
Debra Anderson, Thane Frivold, Alfonso Valdes, Next-generation Intrusion Detection Expert System (NIDES): A Summary, (1997)
Steven M. Christey, David E. Mann, David W. Baker, William H. Hill, The Development of a Common Vulnerability Enumeration. Recent Advances in Intrusion Detection, (1999)
Eugene H. Spafford, Mark Crosbie, Applying Genetic Programming to Intrusion Detection, (1995)
Eugene H. Spafford, Mark Crosbie, Active Defense of a Computer System using Autonomous Agents, (1995)
R. Heady, G. Luger, A. Maccabe, M. Servilla, The architecture of a network level intrusion detection system, (15 Aug 1990), DOI: 10.2172/425295
Eugene H. Spafford, Ivan Victor Krsul, Software vulnerability analysis. Purdue University, (1998)
Eugene H. Spafford, Ivan Krsul, Todd Ellis, Mark Crosbie, Bryn Dole, IDIOT - Users Guide, (1996)
Eugene H. Spafford, Sandeep Kumar, A Software Architecture to Support Misuse Intrusion Detection, (1995)
Michael Beck, Mirko Dziadzka, Ulrich Kunitz, Dirk Verworner, Harold Bohme, Robert Magnus, Linux Kernel Internals, (1996)