On the Fundamentals of Analysis and Detection of Computer Misuse

Author

  • Ulf Lindqvist
Abstract

Most computerized information systems we use in our everyday lives provide very little protection against hostile manipulation. At the same time, there is a rapidly increasing dependence on services provided by these computer systems and networks, and security is thus not only an interesting and challenging research discipline but has indeed developed into a critical issue for society. This thesis presents research focused on the fundamental technical issues of computer misuse, aimed at manual analysis and automatic detection. The objective is to analyze and understand the technical nature of security threats and, on the basis of this, develop efficient generic methods that can improve the security of existing and future systems. The work is performed from the perspective of system and information owners, a different approach compared to the many previous studies that focus on system developers only. The analysis is based mainly on empirical data from student experiments but also uses data from a security analysis, data recorded from a network server and data produced for an intrusion detection evaluation project. Throughout this work, systematic categorization of data has been used as the main method for data analysis. The results of this work include new findings about the behavior of so-called insider attackers, a dangerous but sometimes neglected security threat. For systems that include commercial off-the-shelf components, underlying causes of system vulnerabilities are identified and discussed, a systematic procedure for vulnerability remediation is developed and a risk management strategy is proposed. Furthermore, the aspects of computer misuse that are fundamental for automatic detection are identified and analyzed in detail. The efficiency and usability of a generic expert system tool for automatic misuse detection is verified empirically. A general database format for documenting attack types and for automatically updating detection tools is outlined.


Similar resources

A novel hybrid approach for intrusion detection in computer networks using computational intelligence algorithms

In this paper, a novel hybrid method is proposed for intrusion detection in computer networks, using a combination of misuse-based and anomaly-based detection models with the aim of improving performance. In the proposed hybrid approach, a set of algorithms and models is employed. The selection of input features is performed using the shuffled frog-leaping (SFL) algorithm. The misuse detection modul...

Designing an Intelligent Intrusion Detection System in the Electronic Banking Industry Using Fuzzy Logic

One of the most important obstacles to using Internet banking is the lack of stability of transactions and some financial misuse in the course of transactions. That is why preventing unauthorized access and detecting crime is one of the major issues in financial institutions and banks. In this article, an intelligent system has been designed that recognizes suspicious and unusual behaviors...

A Hybrid Framework for Building an Efficient Incremental Intrusion Detection System

In this paper, a boosting-based incremental hybrid intrusion detection system is introduced. This system combines incremental misuse detection and incremental anomaly detection. We use a boosting ensemble of weak classifiers to implement the misuse intrusion detection system. It can identify new classes of intrusions that do not exist in the training dataset for incremental misuse detection. As...

Survey on Perception of People Regarding Utilization of Computer Science & Information Technology in Manipulation of Big Data, Disease Detection & Drug Discovery

This research explores the manipulation of biomedical big data and disease detection using automated computing mechanisms. As an efficient and cost-effective way to discover diseases and drugs is important for society, a computer-aided automated system is a must. This paper aims to understand the importance of computer-aided automated systems among the people. The analysis result from collected da...

Quantitative evaluation of software security: an approach based on UML/SecAM and evidence theory

Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...


Publication date: 1999