Books > Computing & IT > Applications of computing > Databases > Data security & data encryption
|
Buy Now
Intrusion Detection in Distributed Systems - An Abstraction-Based Approach (Hardcover, 2004 ed.)
Loot Price: R1,559
Discovery Miles 15 590
|
|
Intrusion Detection in Distributed Systems - An Abstraction-Based Approach (Hardcover, 2004 ed.)
Series: Advances in Information Security, 9
Expected to ship within 10 - 15 working days
|
Intrusion detection systems (IDS) are usually deployed along with
other preventive security mechanisms, such as access control and
authentication, as a second line of defense that protects
information systems. Intrusion detection complements the protective
mechanisms to improve the system security. Moreover, even if the
preventive security mechanisms can protect information systems
successfully, it is still desirable to know what intrusions have
happened or are happening, so that the users can understand the
security threats and risks and thus be better prepared for future
attacks. Intrusion detection techniques are traditionally
categorized into two classes: anomaly detection and misuse
detection. Anomaly detection is based on the normal behavior of a
subject (a user or a system); any action that significantly
deviates from the normal behaviour is considered intrusive. Misuse
detection catches intrusions in terms of characteristics of known
attacks or system vulnerabilities; any action that conforms to the
pattern of known attack or vulnerability is considered intrusive.
and network based IDSs according to the source of the audit
information used by each IDS. Host-based IDSs get audit data from
host audit trails and usually aim at detecting attacks against a
single host; distributed IDSs gather audit data from multiple hosts
and possibly the network and connects the hosts, aiming at
detecting attacks involving multiple hosts; network-based IDSs use
network traffic as the audit data source, relieving the burden on
the hosts that usually provide normal computing services. Intrusion
Detection In Distributed Systems: An Abstraction-Based Approach
presents research contributions in three areas with respect to
intrusion detection in distributed systems. The first contribution
is an abstraction-based approach to addressing heterogeneity and
autonomy of distributed environments. The second contribution is a
formal framework for modelling requests among co-operative IDSs and
its application to Common Intrusion Detection Framework (CIDF). The
third contribution is a novel approach to coordinating different
IDSs for distributed event correlation.
General
Is the information for this product incomplete, wrong or inappropriate?
Let us know about it.
Does this product have an incorrect or missing image?
Send us a new image.
Is this product missing categories?
Add more categories.
Review This Product
No reviews yet - be the first to create one!
|
You might also like..
|
Email address subscribed successfully.
A activation email has been sent to you.
Please click the link in that email to activate your subscription.