Search results for: host based intrusion detection
Number of results: 3501797
We present an overview of anomaly detection used in computer security, and provide a detailed example of a host-based Intrusion Detection System that monitors file systems to detect abnormal accesses. The File Wrapper Anomaly Detector (FWRAP) has two parts, a sensor that audits file systems, and an unsupervised machine learning system that computes normal models of those accesses. FWRAP employs...
Intrusion is a set of related activities which is performed to provide unauthorized activities such as access to the useful information, file modification etc. It is a set of any actions that attempt to compromise the integrity, confidentiality, or availability of a computer resource. Intrusion Detection Systems (IDS) are used to monitor and detect the probable attempts of such types. An IDS co...
Modern intrusion detection systems are comprised of three basically different approaches, host based, network based, and a third relatively recent addition called procedural based detection. The first two have been extremely popular in the commercial market for a number of years now because they are relatively simple to use, understand and maintain. However, they fall prey to a number of shortc...
Activity logs can be used for intrusion detection; however, most previous work on intrusion detection examines only activity logs from a single component. Doing so fails to take advantage of the naturally existing correlations among activities in different types of logs, such as network logs and system call logs. This paper explores correlation for intrusion detection. Specifically, we propose ...
This paper introduces a new similarity measure, the covering similarity, that we formally define for evaluating the similarity between a symbolic sequence and a set of symbolic sequences. A pair-wise similarity can also be directly derived from the covering similarity to compare two symbolic sequences. An efficient implementation to compute the covering similarity is proposed that uses a suffix...
Intrusion detection has emerged as an important approach to network security. In this paper, we adopt an anomaly detection approach by detecting possible intrusions based on program or user profiles built from normal usage data. In particular, program profiles based on Unix system calls and user profiles based on Unix shell commands are modeled using two different types of behavioral models for dat...
One of the greatest threats that network security faces nowadays is Distributed Denial of Service attacks. A newer version of the Denial of Service attack, also called Distributed Denial of Service attack or DDoS. In a distributed denial-of-service (DDoS) attack, an attacker may use your computer to attack another computer. An attacker may attempt to: “flood” a network and thus redu...