A survey of intrusion detection techniques
Computers and Security
Computer related risks
Proceedings of the ninth annual IFIP TC11 WG11.3 working conference on Database security IX : status and prospects: status and prospects
Designing Masking Fault-Tolerance via Nonmasking Fault-Tolerance
IEEE Transactions on Software Engineering
Transaction Processing: Concepts and Techniques
Transaction Processing: Concepts and Techniques
Fault Tolerance: Principles and Practice
Fault Tolerance: Principles and Practice
Towards a model of storage jamming
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Surviving information warfare attacks on databases
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Predictably Dependable Computing Systems
Predictably Dependable Computing Systems
QoS-Centric Stateful Resource Management in Information Systems
Information Systems Frontiers
An ethics and security course for students in computer science and information technology
Proceedings of the 37th SIGCSE technical symposium on Computer science education
Modeling active cyber attack for network vulnerability assessment
ISPA'06 Proceedings of the 2006 international conference on Frontiers of High Performance Computing and Networking
Hi-index | 4.10 |
The past few years have seen governmental, military, and commercial organizations widely adopt Web-based commercial technologies because of their convenience, ease of use, and ability to take advantage of rapid advances in the commercial market. With this increasing reliance on internetworked computer resources comes an increasing vulnerability to information warfare. In today's heavily networked environment, safety demands protection from both obvious and subtle intrusions that can delete or corrupt vital data. Traditionally, information systems security focuses primarily on prevention: putting controls and mechanisms in place that protect confidentiality, integrity, and availability by stopping users from doing bad things. Moreover, most mechanisms are powerless against misbehavior by legitimate users who perform functions for which they are authorized: the so-called "insider threat.'' Many network-based attacks, such as password sniffing and session hijacking, allow an attacker to masquerade as a legitimate user. Although, ultimately, preventing malicious attacks from succeeding is key, not all attacks can be averted at the outset. The goal therefore should be to develop an adaptable system that maintains maximum availability even when under attack: At any time, healthy components of the system remain available while damaged components have either limited or no availability.