Title | Date Added | Company
whitepaper Data Security - Complexity, Cost and Potential Legislation | 2008-03-01 | Kaulkin Ginsberg
  Currently, there is no uniform standard for data security - either voluntary or mandated by the federal government. However, the large number of bills introduced in recent Congresses suggests that the House and the Senate are no longer looking the other way. With the significant possibility of legislative changes establishing a whole new series of compliance requirements, there is a strong case for the financial services industry to create one on its own. As businesses grapple with the issues of data security and identity theft, the financial services industry has developed a number of standards and certifications in its attempts to ensure compliance with existing federal guidelines for the storage and sharing of consumer information.

Tags: Data Recovery - Security
  
whitepaper Real-Time Multistage Attack Awareness Through Enhanced Intrusion Alert Clustering | 2007-12-01 | University at Buffalo
  Correlation and fusion of intrusion alerts to provide effective Situation Awareness of cyber-attacks has become an active area of research. Snort is the most widely deployed intrusion detection sensor. For many networks and their system administrators, the alerts generated by Snort are the primary indicators of network misuse and attacker activity. However, the volume of the alerts generated in typical networks makes real-time attack scenario comprehension difficult. This paper presents an attack-stage oriented classification of alerts using Snort as an example, and demonstrates that this effectively improves real-time Situation Awareness of multistage attacks. It also incorporates this scheme into a real-time attack detection framework and prototype presented by the authors in previous work and provides some results from testing against multistage attack scenarios.

Tags: Intrusion Detection Systems
  
whitepaper Improving the Efficiency and Robustness of Intrusion Detection Systems | 2007-12-01 | Georgia Institute of Technology
  With the increase in the complexity of computer systems, existing security measures are not enough to prevent attacks. Intrusion detection systems have become an integral part of computer security to detect attempted intrusions. Intrusion detection systems need to be fast in order to detect intrusions in real time. Furthermore, intrusion detection systems need to be robust against attacks that are disguised to evade them. The runtime complexity and space requirements of a host-based anomaly detection system that uses q-gram matching are improved. q-gram matching is often used for approximate substring matching problems in a wide range of application areas, including intrusion detection.

Tags: Intrusion Detection Systems
  
whitepaper Dependency-Based Distributed Intrusion Detection | 2007-12-01 | Massachusetts Institute of Technology
  Distributed network intrusion detection has attracted much attention recently. The main focus in this work is on zero-day, slow-scanning worms, for which no existing signatures are available. End hosts are organized into regions based on network knowledge, which the work posits is positively correlated with the dependency structure. Leveraging this organization, different intrusion detection techniques are applied within and across regions. A Hidden Markov Model (HMM) is used within a region to capture the dependency among hosts, and Sequential Hypothesis Testing (SHT) is used globally to take advantage of the independence between regions.

Tags: Intrusion Detection Systems
  
whitepaper Stealthy Malware Detection Through VMM-Based "Out-of-the-Box" Semantic View Reconstruction | 2007-11-02 | Association for Computing Machinery
  An alarming trend in malware attacks is that they are armed with stealthy techniques to detect, evade, and subvert malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based anti-malware systems is that they run inside the very hosts they are protecting ("In the box"), making them vulnerable to counter-detection and subversion by malware. To address this limitation, recent solutions based on Virtual Machine (VM) technologies advocate placing the malware detection facilities outside of the protected VM ("Out of the box"). However, they gain tamper resistance at the cost of losing the native, semantic view of the host which is enjoyed by the "In the box" approach, thus leading to a technical challenge known as the semantic gap.   
whitepaper Genetic Algorithm for Framing Rules for Intrusion Detection | 2007-11-01 | SCAD COLLEGE OF ENGINEERING & TECHNOLOGY
  With the rapid expansion of computer networks during the past decade, security has become a crucial issue for computer systems. The detection of attacks against computer networks is becoming a harder problem to solve in the field of network security. Intrusion detection is an essential mechanism to protect computer systems from many attacks. As the transmission of data over the internet increases, the need to protect connected systems also increases. Therefore, unwanted intrusions take place when the actual software systems are running. A brief overview of intrusion detection systems, genetic algorithms and related detection techniques is presented. In this paper, a method of learning intrusion detection rules based on genetic algorithms is presented.

Tags: Intrusion Detection Systems
  
whitepaper Vulnerability Assessment: The Right Tools to Protect Your Critical Data | 2007-10-18 | Application Security
  Vulnerability Assessment (VA) has become one of the hottest fields within the computer security market. VA tools are designed to detect and report on security holes within various software applications, allowing organizations to take corrective actions before a devastating attack occurs. Due to the reduction in "time to exploit" once a new vulnerability reaches the public domain, and the regulatory pressures imposed on businesses within a variety of verticals, the need for reliable vulnerability assessment has never been greater. Unfortunately, the environment in which software applications are developed today is largely driven by schedule and features, rather than stability or security.

Tags: Data Recovery - Security
  
whitepaper The Critical Importance of Three-Dimensional Protection (3DP) in an Intrusion Prevention System | 2007-10-18 | Top Layer Networks
  Many companies also employ network intrusion detection systems (IDS), which inspect the network traffic and report their findings to log files and databases. IDS tools have been instrumental in providing forensics about attacks and in determining over time what areas of the network become compromised. While IDSs enable record-keeping, an alarm function, and eventual analysis and remediation, they do not stop or mitigate damage from malicious attacks in real time. An increasing number of organizations, therefore, are using network intrusion prevention systems in addition to other network security measures to mitigate information security risks. This is a generally positive development, as inline intrusion prevention systems with deep packet inspection capabilities are critical to protecting corporate networks.

Tags: Intrusion Detection Systems
  
whitepaper Characterizing Intrusion Tolerant Systems Using a State Transition Model | 2007-06-30 | Duke University
  Intrusion detection and response research has so far mostly concentrated on known and well-defined attacks. The authors believe that this narrow focus of attacks accounts for both the successes and limitations of commercial Intrusion Detection Systems (IDS). Intrusion tolerance, on the other hand, is inherently tied to functions and services that require protection. This paper presents a state transition model to describe the dynamic behavior of intrusion tolerant systems. This model provides a framework from which one can define the vulnerability and the threat set to be addressed. The authors also show how this model helps one to describe both known and unknown security exploits by focusing on impacts rather than specific attack procedures.

Tags: Intrusion Detection Systems
  
whitepaper LITEWORP: Detection and Isolation of the Wormhole Attack in Static Multihop Wireless Networks | 2007-06-12 | Purdue University
  In multihop wireless systems, such as ad-hoc and sensor networks, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is known as the wormhole attack, where a malicious node records control and data traffic at one location and tunnels it to a colluding node far away, which replays it locally. This can either disrupt route establishment or make routes pass through the malicious nodes. This paper presents a lightweight countermeasure for the wormhole attack, called LITEWORP, which relies on overhearing neighbor communication. LITEWORP is particularly suitable for resource-constrained multihop wireless networks, such as sensor networks. This solution allows detection of the wormhole, followed by isolation of the malicious nodes.