Title | Date Added | Company
whitepaper A Reconfigurable Architecture for Network Intrusion Detection Using Principal Component Analysis | 2008-01-01 | Northwestern University
  This paper develops an architecture for Principal Component Analysis (PCA) to be used as an outlier detection method for high-speed Network Intrusion Detection Systems (NIDS). PCA is a common statistical method used in multivariate optimization problems in order to reduce the dimensionality of data while retaining a large fraction of the data characteristic. First, PCA is used to project the training set onto eigenspace vectors representing the mean of the data. These eigenspace vectors are then used to predict malicious connections in a workload containing normal and attack behavior. The simulations show that the architecture correctly classifies attacks with detection rates exceeding 99% and false alarm rates as low as 1.95%.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Real Time Data Mining-Based Intrusion Detection | 2008-01-01 | North Carolina State University
  This paper presents an overview of the research in real time data mining-based Intrusion Detection Systems (IDSs). It focuses on issues related to deploying a data mining-based IDS in a real time environment. The paper describes the approaches to address three types of issues: accuracy, efficiency, and usability. To improve accuracy, data mining programs are used to analyze audit data and extract features that can distinguish normal activities from intrusions; it uses artificial anomalies along with normal and/or intrusion data to produce more effective misuse and anomaly detection models. To improve efficiency, the computational costs of features are analyzed and a multiple-model cost-based approach is used to produce detection models with low cost and high accuracy.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper A Stateful Intrusion Detection System for World-Wide Web Servers | 2008-01-01 | University of California
  Web servers are ubiquitous, remotely accessible, and often misconfigured. In addition, custom web-based applications may introduce vulnerabilities that are overlooked even by the most security-conscious server administrators. Consequently, web servers are a popular target for hackers. To mitigate the security exposure associated with web servers, intrusion detection systems are deployed to analyze and screen incoming requests. The goal is to perform early detection of malicious activity and possibly prevent more serious damage to the protected site. Even though intrusion detection is critical for the security of web servers, the intrusion detection systems available today only perform very simple analyses and are often vulnerable to simple evasion techniques.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Implementation and Performance Study of a New NAT/Firewall Signaling Protocol | 2008-01-01 | University of Gottingen
  The NAT/Firewall NSIS Signaling Layer Protocol (NAT/Firewall NSLP) is a path-coupled signaling protocol for explicit Network Address Translator and firewall configuration within an extensible IP signaling framework currently being developed by the IETF Next Steps In Signaling (NSIS) working group. This new protocol allows end hosts to signal along a path to configure NATs and firewalls according to the data flow needs. This paper presents a first open source implementation and performance evaluation of NAT/Firewall NSLP. It shows that the implementation scales well and is able to support firewall signaling for up to tens of thousands of flows in parallel even in a low-end PC testbed environment.

Tags: Network Security, Security Tools
  
whitepaper Bayesian Event Classification for Intrusion Detection | 2008-01-01 | University of California
  Intrusion Detection Systems (IDSs) attempt to identify attacks by comparing collected data to predefined signatures known to be malicious (misuse-based IDSs) or to a model of legal behavior (anomaly-based IDSs). Anomaly-based approaches have the advantage of being able to detect previously unknown attacks, but they suffer from the difficulty of building robust models of acceptable behavior which may result in a large number of false alarms. Almost all current anomaly-based intrusion detection systems classify an input event as normal or anomalous by analyzing its features, utilizing a number of different models. A decision for an input event is made by aggregating the results of all employed models.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Toward Cost-Sensitive Modeling for Intrusion Detection and Response | 2008-01-01 | Columbia University
  Intrusion Detection Systems (IDSs) must maximize the realization of security goals while minimizing costs. This paper studies the problem of building cost-sensitive intrusion detection models. The paper examines the major cost factors associated with an IDS, which include development cost, operational cost, damage cost due to successful intrusions, and the cost of manual and automated response to intrusions. These cost factors can be qualified according to a defined attack taxonomy and site-specific security policies and priorities. Cost models to formulate the total expected cost of an IDS are defined, and cost-sensitive machine learning techniques are presented that can produce detection models that are optimized for user-defined cost metrics.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Fast and Scalable Pattern Matching for Network Intrusion Detection Systems | 2008-01-01 | Stanford University
  High-speed packet content inspection and filtering devices rely on a fast multi-pattern matching algorithm which is used to detect predefined keywords or signatures in the packets. Multi-pattern matching is known to require intensive memory accesses and is often a performance bottleneck. Hence specialized hardware-accelerated algorithms are required for line-speed packet processing. This paper presents a hardware-implementable pattern matching algorithm for content filtering applications, which is scalable in terms of speed, the number of patterns and the pattern length. The algorithm is based on a memory-efficient multi-hashing data structure called a Bloom filter. The paper uses embedded on-chip memory blocks in FPGA/VLSI chips to construct Bloom filters which can suppress a large fraction of memory accesses and speed up string matching.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper A Game Theoretic Analysis of Intrusion Detection in Access Control Systems | 2008-01-01 | University of Illinois
  This paper presents a game-theoretic analysis of intrusion detection in access control systems. A security game between the attacker and the intrusion detection system is investigated both in finite and continuous-kernel versions, where in the latter case players are associated with specific cost functions. The distributed virtual sensor network based on software agents with imperfect detection capabilities is also captured within the model introduced. This model is then extended to take the dynamic characteristics of the sensor network into account. Properties of the resulting dynamic system and repeated games between the players are discussed both analytically and numerically.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Adaptive Alert Throttling for Intrusion Detection Systems | 2008-01-01 | University of Nottingham
  Each time an intrusion detection system raises an alert it must make some attempt to communicate the information to an operator. This communication channel can easily become the target of a denial of service attack because, like all communication channels, it has a fixed capacity. If this channel can become overwhelmed with bogus data, an attacker can quickly achieve complete neutralisation of intrusion detection capability. Although these types of attack are very hard to stop completely, the aim is to present techniques that improve alert throughput and capacity to such an extent that the resources required to successfully mount the attack become prohibitive.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Internet Security Outlook | 2008-01-01 | CA (Computer Associates)
  It is the best of times. It is the worst of times. Whether for business or pleasure, the Internet has become an integral part of people's everyday lives. For multinational corporations and individual citizens alike, the Internet has made the world a smaller place, making it easier to get information, collaborate, and keep in touch. But as more business and personal interactions move into the cyber-domain, vast amounts of personal information are being collected, stored, and analyzed. Whether people are collaborating on a strategic business project, making an online purchase, or chatting casually online, their digital footprints have great value to marketers and fraudsters.

Tags: Security Management