Intrusion detection techniques and approaches

Cited by: 155
Authors
Verwoerd, T [1]
Hunt, R [1]
Affiliations
[1] Univ Canterbury, Dept Comp Sci, Christchurch 1, New Zealand
Keywords
intrusion detection; probe technique; scanning; honeynet; worm/virus attack
DOI
10.1016/S0140-3664(02)00037-3
Chinese Library Classification number
TP [Automation technology, computer technology]
Subject classification code
0812
Abstract
Recent security incidents and analysis have demonstrated that manual response to such attacks is no longer feasible. Intrusion detection systems (IDS) offer techniques for modelling and recognising normal and abusive system behaviour. Such methodologies include statistical models, immune system approaches, protocol verification, file and taint checking, neural networks, whitelisting, expression matching, state transition analysis, dedicated languages, genetic algorithms and burglar alarms. This paper describes these techniques including an IDS architectural outline and an analysis of IDS probe techniques finishing with a summary of associated technologies. (C) 2002 Elsevier Science B.V. All rights reserved.
Pages: 1356 / 1365
Number of pages: 10