Sensor Families for Intrusion Detection Infrastructures

Authors: Richard A. Kemmerer, Giovanni Vigna

DOI: 10.1007/0-387-24230-9_7

Abstract: Intrusion detection relies on the information provided by a number of sensors deployed throughout the protected network. Sensors operate on different event streams, such as network packets and application logs, and provide information at different abstraction levels, from low-level warnings to correlated alerts. In addition, sensors range from lightweight probes and simple log parsers to complex software artifacts that perform sophisticated analysis. Therefore, deploying, configuring, and managing a large number of heterogeneous sensors is a complex, expensive, and error-prone activity.
