摘要: Haystack is a prototype system for the detection of intrusions in multiuser US Air Force computer systems. reduces voluminous audit trails to short summaries user behavior, anomalous events, and security incidents. This designed help officer detect investigate intrusions, particularly by insiders (authorized users). Haystacks's operation based on behavioral constraints imposed policies models typical behavior groups individual users. >
sci-hub.se 参考文章(3)
James N. Menendez, A Guide to Understanding Audit in Trusted Systems Defense Technical Information Center. ,(1988) , 10.21236/ADA385462
Neil Munro, Air force mounts offensive against computer crime Computers & Security. ,vol. 7, pp. 525- ,(1988) , 10.1016/0167-4048(88)90305-7
D.E. Denning, An Intrusion-Detection Model IEEE Transactions on Software Engineering. ,vol. 13, pp. 222- 232 ,(1987) , 10.1109/TSE.1987.232894