標題: | On a pattern-oriented model for intrusion detection |
作者: | Shieh, SP Gligor, VD 資訊工程學系 Department of Computer Science |
關鍵字: | access misuse;audit analysis;context-dependent intrusion;intrusion detection;operational security problems;statistical methods;rule-based methods;secure systems |
公開日期: | 1-七月-1997 |
摘要: | Operational security problems, which are often the result of access authorization misuse, can lead to intrusion in secure computer systems. We motivate the need for pattern-oriented intrusion detection, and present a model that tracks both data and privilege flows within secure systems to detect context-dependent intrusions caused by operational security problems. The model allows the uniform representation of various types of intrusion patterns, such as those caused by unintended use of foreign programs and input data, imprudent choice of default privileges, and use of weak protection mechanisms. As with all pattern-oriented models, this model cannot be used to detect new, unanticipated intrusion patterns that could be detected by statistical models. For this reason, we expect that this model will complement, not replace, statistical models for intrusion detection. |
URI: | http://dx.doi.org/10.1109/69.617059 http://hdl.handle.net/11536/444 |
ISSN: | 1041-4347 |
DOI: | 10.1109/69.617059 |
期刊: | IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING |
Volume: | 9 |
Issue: | 4 |
起始頁: | 661 |
結束頁: | 667 |
顯示於類別: | 期刊論文 |