State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
Classification and detection of computer intrusions
Classification and detection of computer intrusions
The computer science and engineering handbook
The computer science and engineering handbook
Protecting routing infrastructures from denial of service using cooperative intrusion detection
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
How to Increase Security in Mobile Networks by Anomaly Detection
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Bro: a system for detecting network intruders in real-time
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
| Hi-index | 0.00 |
The increasing complexity of both tele and data communication networks yields new demands concerning network security. Especially the task of detecting, repulsing and preventing abuse by in- and outsiders is becoming more and more difficult. This paper deals with a new technique that appears to be suitable for solving these issues, i.e. anomaly detection based on the specification of transactions. The traditional transaction and serialization concepts are discussed, and a new model of anomaly detection, based on the concept of transactions, is introduced. Applying this model to known attacks gives a first insight concerning the feasibility of our approach.