| Title | Date Added | Company | |
|---|---|---|---|
Performance Comparison of Intrusion Detection System Classifiers Using Various Feature Reduction Techniques | 2008-01-31 | Erode Sengunthar Engineering College |
| This paper compares the performance of Intrusion Detection System (IDS) Classifiers using various feature reduction techniques. To enhance the learning capabilities and reduce the computational intensity of competitive learning neural network classifiers, different dimension reduction techniques have been proposed. These include: Principal Component Analysis, Linear Discriminant Analysis, and Independent Component Analysis. Many Intrusion Detection Systems are based on neural networks. However, they are computationally very demanding. In order to mitigate this problem, dimension reduction techniques are applied to a given dataset to extract important features. In the proposed research various classifiers are applied to the reduced feature dataset and their performance is compared. On the basis of these results, a technique is proposed which performs exceptionally well, in terms of both accuracy and computation time.
Tags: Security Tools, Intrusion Detection Systems |
|||
An Agent-Based Intrusion Detection System | 2008-01-23 | South University |
| This paper will discuss research and programming done to investigate the advantages and disadvantages of distributed host based intrusion detection. More common types of intrusion detection will be discussed to give a background to the field, as well as give reference points with which to compare distributed host based intrusion detection systems. Techniques for detecting intruders locally will also be discussed, including the techniques used in the process monitor written for this assignment.
Tags: Security Tools, Intrusion Detection Systems |
|||
EPICS CA Gateway Employment in the BEPCII Network | 2008-01-15 | CERN |
| The EPICS Process Variable Gateway has become a stable, high-performance application that provides access to process variables while minimizing the impact on critical Input-Output Controllers (IOCs) and implementing additional access security. The additional access security typically prevents write access but is highly configurable. The control network of the BEPCII is divided into two separate subnets. In order to access IOC PVs between the separate subnets as well as IOC PVs from the campus network, the EPICS CA gateway has been employed in the BEPCII network. This paper introduces the Gateway's application in the BEPCII control network and describes the procedures of the Gateway setup as well as the test result.
Tags: Security Management, Gateways - Hubs |
|||
Intelligence and Identity | 2008-01-01 | Oracle |
| When one is deploying Oracle Business Intelligence Enterprise Edition, how one handles identity management is as important as query speed and the quality of the data. A well-architected identity management solution ensures that the users are set up automatically when they first join the organization, that they can quickly access applications and data appropriate for their varied roles, and that personal details and access privileges can be easily managed. This paper focuses on integrating Oracle Business Intelligence Enterprise Edition with two of Oracle's flagship identity management tools: Oracle Internet Directory and Oracle Application Server Single Sign-On. The user will see how to combine the security features of Oracle Business Intelligence Enterprise Edition and Oracle Identity Management to provide granular, secure access to data.
Tags: Security Management, Business Intelligence - Data Warehousing |
|||
Applying Fast String Matching to Intrusion Detection | 2008-01-01 | University of California |
| The performance of signature-based network intrusion detection tools is dominated by the string matching of packets against many signatures. This paper studies how the popular intrusion detection system Snort can be best optimized to utilize different string matching algorithms. The paper analyzes the performance of Snort's current string matching algorithm, Boyer-Moore, and several alternate algorithms. The paper shows that no single algorithm is fastest in the context of a real Snort rule set. Instead, the paper develops a hybrid system that utilizes three different search algorithms, including one new algorithm presented in this paper. The result is a system that matches many common packets 5 times faster with an average speedup of 50%.
Tags: Security Tools, Intrusion Detection Systems |
|||
Enriching Intrusion Alerts Through Multi-Host Causality | 2008-01-01 | University of Michigan |
| Current intrusion detection systems point out suspicious states or events but do not show how the suspicious state or events relate to other states or events in the system. This paper shows how to enrich an IDS alert with information about how those alerts causally lead to or result from other events in the system. By enriching IDS alerts with this type of causal information, one can leverage existing IDS alerts to learn more about the suspected attack. Backward causal graphs can be used to find which host allowed a multi-hop attack (such as a worm) to enter a local network; forward causal graphs can be used to find the other hosts that were affected by the multi-hop attack.
Tags: Security Tools, Intrusion Detection Systems |
|||
Honeycomb - Creating Intrusion Detection Signatures Using Honeypots | 2008-01-01 | University of Cambridge |
| This paper describes a system for automated generation of attack signatures for network intrusion detection systems. The system applies pattern-matching techniques and protocol conformance checks on multiple levels in the protocol hierarchy to network traffic captured on a honeypot system. This paper presents results of running the system on an unprotected cable modem connection for 24 hours. The system successfully created precise traffic signatures that otherwise would have required the skills and time of a security officer to inspect the traffic manually.
Tags: Security Tools, Intrusion Detection Systems |
|||
A Cooperative Intrusion Detection System for Ad Hoc Networks | 2008-01-01 | Georgia Institute of Technology |
| Mobile Ad hoc NETworking (MANET) has become an exciting and important technology in recent years because of the rapid proliferation of wireless devices. MANETs are highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense. This paper reports the progress in developing Intrusion Detection (ID) capabilities for MANET. Building on the prior work on anomaly detection, the paper investigates how to improve the anomaly detection approach to provide more details on attack types and sources. For several well-known attacks, one can apply a simple rule to identify the attack type when an anomaly is reported. In some cases, these rules can also help identify the attackers.
Tags: Security Tools, Intrusion Detection Systems |
|||
MINDS - Minnesota Intrusion Detection System | 2008-01-01 | University of Minnesota |
| This paper introduces the Minnesota Intrusion Detection System (MINDS), which uses a suite of data mining techniques to automatically detect attacks against computer networks and systems. While the long-term objective of MINDS is to address all aspects of intrusion detection, this paper focuses on two specific contributions: an unsupervised anomaly detection technique that assigns a score to each network connection that reflects how anomalous the connection is, and an association pattern analysis based module that summarizes those network connections that are ranked highly anomalous by the anomaly detection module.
Tags: Security Tools, Intrusion Detection Systems |
|||
Attribution and Aggregation of Network Flows for Security Analysis | 2008-01-01 | Dartmouth College |
| This paper describes a network flow analyzer that is capable of attribution and aggregation of different flows into single activity events for the purposes of identifying suspicious and illegitimate behaviors. Flows are correlated with security events using the Process Query System (PQS) infrastructure. This paper shows results from initial experiments and describes plans for extending the effort. The correlation of network flows with security events appears to have high potential for aggregating disparate network and host activity and for classifying network activity as either benign or suspicious.
Tags: Security Management, Security Tools |