Search results for: host based intrusion detection

Number of results: 3501797  

2005
Salvatore J. Stolfo Shlomo Hershkop Linh H. Bui Ryan Ferster Ke Wang

We present an overview of anomaly detection used in computer security, and provide a detailed example of a host-based Intrusion Detection System that monitors file systems to detect abnormal accesses. The File Wrapper Anomaly Detector (FWRAP) has two parts, a sensor that audits file systems, and an unsupervised machine learning system that computes normal models of those accesses. FWRAP employs...

2014
Samarjeet Borah Anindita Chakraborty

Intrusion is a set of related activities which is performed to provide unauthorized activities such as access to the useful information, file modification etc. It is a set of any actions that attempt to compromise the integrity, confidentiality, or availability of a computer resource. Intrusion Detection Systems (IDS) are used to monitor and detect the probable attempts of such types. An IDS co...

2007
Ben Shargel Eric Bonabeau Julien Budynek Daphna Buchsbaum Paolo Gaudiano

2004
Ulf T. Mattsson

Modern intrusion detection systems are comprised of three basically different approaches, host based, network based, and a third relatively recent addition called procedural based detection. The first two have been extremely popular in the commercial market for a number of years now because they are relatively simple to use, understand and maintain. However, they fall prey to a number of shortc...

2004
Zhenmin Li Jed Taylor Elizabeth Partridge Yuanyuan Zhou William Yurcik Cristina Abad James J. Barlow Jeff Rosendale

Activity logs can be used for intrusion detection; however, most previous work on intrusion detection examines only activity logs from a single component. Doing so fails to take advantage of the naturally existing correlations among activities in different types of logs, such as network logs and system call logs. This paper explores correlation for intrusion detection. Specifically, we propose ...

Journal: CoRR 2017
Pierre-François Marteau

This paper introduces a new similarity measure, the covering similarity, that we formally define for evaluating the similarity between a symbolic sequence and a set of symbolic sequences. A pair-wise similarity can also be directly derived from the covering similarity to compare two symbolic sequences. An efficient implementation to compute the covering similarity is proposed that uses a suffix...

Journal: Pattern Recognition 2003
Dit-Yan Yeung Yuxin Ding

Intrusion detection has emerged as an important approach to network security. In this paper, we adopt an anomaly detection approach by detecting possible intrusions based on program or user profiles built from normal usage data. In particular, program profiles based on Unix system calls and user profiles based on Unix shell commands are modeled using two different types of behavioral models for dat...

2011
Harmeet Kaur

One of the greatest threats that network security faces nowadays is Distributed Denial of Service attacks. A newer version of the Denial of Service attack, also called Distributed Denial of Service attack or DDoS. In a distributed denial-of-service (DDoS) attack, an attacker may use your computer to attack another computer. An attacker may attempt to: “flood” a network and thus redu...
