A categorization of computer security monitoring systems and the impact on the design of audit sources

Authors: Eugene H. Spafford, Benjamin A. Kuperman

Abstract: Traditionally, computer security monitoring systems are built around the audit supplied by operating systems. These OS sources were not necessarily designed to meet modern needs. This dissertation addresses this situation categorizing based on their goals of detection and time constraints operation. categorization is used clarify what information needed perform as well how system should be structured supply it in an appropriate manner. A prototype source was constructed from categorization. supplies type performed. The new compared against existing shown have less overhead many instances, generate a smaller volume data, useful currently available.
