NATE: Network Analysis of Anomalous Traffic Events, a low-cost approach

Authors: Carol Taylor, Jim Alves-Foss

DOI: 10.1145/508171.508186

Abstract: A new approach to network intrusion detection is needed to solve the monitoring problems of high volume data and the time constraints for Intrusion Detection System (IDS) management. Most current IDS's have not been specifically designed for high speed traffic or low maintenance. We propose a solution to these problems which we call NATE, Network Analysis of Anomalous Traffic Events. Our approach features minimal measurement, an anomaly-based method, and a limited attack scope. NATE is similar to other lightweight approaches in its simplified design, but our approach, being anomaly based, should be more efficient in both operation and maintenance than other lightweight approaches. We present the method and perform an empirical test using MIT Lincoln Lab's data.
