Visualising Intrusions: Watching the Webserver

Author

  • Stefan Axelsson
Abstract

Despite several years of intensive study, intrusion detection systems still suffer from a key deficiency: a high rate of false alarms. To counteract this, this paper proposes to visualise the state of the computer system such that the operator can determine whether a violation has taken place. To this end, a very simple anomaly-detection-inspired log reduction scheme is combined with graph visualisation and applied to the log of a webserver, with the intent of detecting patterns of benign and malicious (or suspicious) accesses. The combination proved to be effective. The visualisation of the output of the anomaly detection system counteracted its high rate of false alarms, while the anomaly-based log reduction helped reduce the log data to manageable proportions. The visualisation was more successful in helping to identify benign accesses than malicious accesses. All the types of malicious accesses present in the log data were found.


Similar resources

Supporting Intrusion Detection by Graph Clustering and Graph Drawing

This paper presents a description of a system supporting the detection of intrusions and network anomalies by analyzing and visualising traffic flows in computer networks. The system supervises the typical communication structure in the network and acts as an anomaly detection component of an Intrusion Detection System. Events are generated in the case of sudden variations of the traffic struct...


Development and testing of TraumaGameplay: an iterative experimental approach using the trauma film paradigm

Background: Vivid trauma-related intrusions are a hallmark symptom of posttraumatic stress disorder (PTSD), and may be involved in its onset. Effective interventions to reduce intrusions and to potentially prevent the onset of subsequent PTSD are scarce. Studies suggest that playing the videogame Tetris, shortly after watching aversive film clips, reduces subsequent intrusions. Other studies ha...


Trauma films, information processing, and intrusive memory development.

Three experiments indexed the effect of various concurrent tasks, while watching a traumatic film, on intrusive memory development. Hypotheses were based on the dual-representation theory of posttraumatic stress disorder (C. R. Brewin, T. Dalgleish, & S. Joseph, 1996). Nonclinical participants viewed a trauma film under various encoding conditions and recorded any spontaneous intrusive memories...


The clinical risk management of stalking: "someone is watching over me....".

I have offered ten guidelines for the clinical risk management of stalking: a team approach, personal responsibility for safety, documentation and recording, no initiated contact, protection orders, law enforcement and prosecution, treatment if indicated, segregation and incarceration, periodic violence risk assessment, and the importance of dramatic moments. Although criminal stalking is not e...


User Created Content Privacy or Big Brother Is Watching You

In the last couple of years, the diversity of online cultures on the Internet is being enriched for a phenomenon called “user-created content”. Individuals are publicly sharing their thoughts, preferences, experiences, and feelings in the form of up-to-date online profiles and journals of their lives. Freedom of individual expression and the potential for unlimited participation in producing an...




Publication date: 2004