| Title | Date Added | Company | Summary |
|---|---|---|---|
| Subtle Issues in the Design of a Database Tier Firewall | 2008-01-01 | Indian Institute of Technology Bombay | Applications such as centralized Supply Chain Management permit multiple business partners to host their own customized components at the same site with selective access to a common shared database. If the application software providers do not all trust each other, a Database Tier Firewall is necessary. This model assumes that the vocabulary of relational names, from the perspective of application developers and users, is limited to an abstract schema. Users have views, but the view names are unknown to them. Indeed, the user may not be aware of the view definitions, which change dynamically and reflect access constraints defined and updated by the owner of the data. Tags: Network Security, Security Tools |
| A Target-Centric Ontology for Intrusion Detection | 2008-01-01 | University of Maryland | This paper produces an ontology specifying a model of computer attacks. The ontology is based upon an analysis of over 4,000 classes of computer intrusions and their corresponding attack strategies and is categorized according to: system component targeted, means of attack, consequence of attack and location of attacker. The author argues that any taxonomic characteristics used to define a computer attack should be limited in scope to those features that are observable and measurable at the target of the attack. The paper presents the model as a target-centric ontology that is to be refined and expanded over time. It states the benefits of forgoing dependence upon taxonomies, in favor of ontologies, for the classification of computer attacks and intrusions. Tags: Security Tools, Intrusion Detection Systems |
| Secure "Selecticast" for Collaborative Intrusion Detection Systems | 2008-01-01 | Columbia University | The problem domain of Collaborative Intrusion Detection Systems (CIDS) introduces distinctive data routing challenges, which the paper shows are solvable through a sufficiently flexible publish-subscribe system. CIDS share intrusion detection data among organizations, usually to predict impending attacks earlier and more accurately, e.g., from Internet worms that tend to attack many sites at once. CIDS participants collect lists of suspect IP addresses, and want to be notified if others are suspicious of the same addresses. The matching must be done efficiently and anonymously, as most organizations are reluctant to share potentially revealing information about their networks. Alerts regarding external probes should only be visible to other CIDS participants experiencing probes from the same source(s). Tags: Security Tools, Intrusion Detection Systems |
| Towards a High-Speed Router-Based Anomaly/Intrusion Detection System | 2008-01-01 | Northwestern University | Traffic anomalies and attacks are commonplace in today's networks, and identifying them rapidly and accurately is critical for large networks. With the rapid growth of network bandwidth and the fast emergence of new attacks/worms, existing network Intrusion Detection Systems (IDS) are insufficient for the following two reasons. First, they are mostly host-based or located on low-end routers, and not scalable to high-speed networks. Yet it is crucial to identify fast propagation of worms in their early phases, which can only be achieved by detection at high-speed edge/backbone routers instead of at end hosts. Unfortunately, the existing schemes are not scalable to the link speeds and number of flows of high-speed networks. Tags: Security Tools, Intrusion Detection Systems |
| An EFSM-Based Intrusion Detection System for Ad Hoc Networks | 2008-01-01 | Institut National des Telecommunications | Mobile ad hoc networks offer very interesting perspectives in wireless communications due to their easy deployment and their growing performance. However, due to their inherent characteristics of open medium, very dynamic topology, lack of infrastructure and lack of a centralized management authority, MANETs present serious vulnerabilities to security attacks. This paper proposes an intrusion detection scheme based on Extended Finite State Machines (EFSM). A formal specification of the correct behavior of the routing protocol is provided, and a backward checking algorithm detects run-time violations of the implementation. The paper chooses the standard proactive routing protocol OLSR as a case study and shows that the approach can detect several kinds of attacks as well as conformance anomalies. Tags: Security Tools, Intrusion Detection Systems |
| Cisco TrustSec and NAC Security Services Built on a Common Identity Framework | 2008-01-01 | Cisco Systems | Securing corporate networks is an ongoing challenge. Employees have become more mobile and connect to corporate networks via a variety of access mechanisms. Collaboration between employees, partners, and vendors brings more users onto the network with a different mix of roles and privileges. Add in the growing regulatory compliance needs and one has a much more complex policy-management problem. Cisco has helped customers deal with these issues since its inception, starting with Access Control Lists (ACLs) and subsequently through Cisco Identity Based Network Services (IBNS; the next phase of which is called Cisco Identity Based Privilege Networking [IBPN]). More recently, Cisco Network Admission Control (NAC) was developed to allow customers to authenticate on the basis of device "Posture" as well as Identity. |
| The MINDS - Minnesota Intrusion Detection System | 2008-01-01 | University of Minnesota | This paper introduces the Minnesota Intrusion Detection System (MINDS), which uses a suite of data mining techniques to automatically detect attacks against computer networks and systems. While the long-term objective of MINDS is to address all aspects of intrusion detection, this paper focuses on two specific contributions. First, it shows how the behavior-based anomaly detection approach of MINDS is suitable for detecting new and previously unknown types of intrusions, which often indicate emerging threats. Second, it shows how association pattern analysis can be used to summarize and characterize anomalous network connections. Tags: Intrusion Detection Systems, Security Tools |
| A Reconfigurable Architecture for Network Intrusion Detection Using Principal Component Analysis | 2008-01-01 | Northwestern University | This paper develops an architecture for Principal Component Analysis (PCA) to be used as an outlier detection method for high-speed Network Intrusion Detection Systems (NIDS). PCA is a common statistical method used in multivariate optimization problems in order to reduce the dimensionality of data while retaining a large fraction of the data characteristics. First, PCA is used to project the training set onto eigenspace vectors representing the mean of the data. These eigenspace vectors are then used to predict malicious connections in a workload containing normal and attack behavior. Simulations show that the architecture correctly classifies attacks with detection rates exceeding 99% and false alarm rates as low as 1.95%. Tags: Security Tools, Intrusion Detection Systems |
| Real Time Data Mining-Based Intrusion Detection | 2008-01-01 | North Carolina State University | This paper presents an overview of the research in real time data mining-based Intrusion Detection Systems (IDSs). It focuses on issues related to deploying a data mining-based IDS in a real time environment. The paper describes the approaches to address three types of issues: accuracy, efficiency, and usability. To improve accuracy, data mining programs are used to analyze audit data and extract features that can distinguish normal activities from intrusions; it uses artificial anomalies along with normal and/or intrusion data to produce more effective misuse and anomaly detection models. To improve efficiency, the computational costs of features are analyzed and a multiple-model cost-based approach is used to produce detection models with low cost and high accuracy. Tags: Security Tools, Intrusion Detection Systems |
| Toward Cost-Sensitive Modeling for Intrusion Detection and Response | 2008-01-01 | Columbia University | Intrusion Detection Systems (IDSs) must maximize the realization of security goals while minimizing costs. This paper studies the problem of building cost-sensitive intrusion detection models. The paper examines the major cost factors associated with an IDS, which include development cost, operational cost, damage cost due to successful intrusions, and the cost of manual and automated response to intrusions. These cost factors can be qualified according to a defined attack taxonomy and site-specific security policies and priorities. Cost models that formulate the total expected cost of an IDS are defined, and cost-sensitive machine learning techniques are presented that can produce detection models optimized for user-defined cost metrics. Tags: Security Tools, Intrusion Detection Systems |