Detecting and displaying novel computer attacks with macroscope

Cited by: 5
Authors
Cunningham, RK [1 ]
Lippmann, RP [1 ]
Webster, SE [1 ]
Affiliations
[1] MIT, Lincoln Lab, Informat Syst Technol Grp, Lexington, MA 02420 USA
Keywords
bottleneck verification (BV); intrusion detection; security
DOI
10.1109/3468.935044
Chinese Library Classification number
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
Macroscope is a network-based intrusion detection system that uses bottleneck verification (BV) to detect user-to-superuser attacks. BV detects novel computer attacks by looking for users performing high privilege operations without passing through legal "bottleneck" checkpoints that grant those privileges. Macroscope's BV implementation models many common Unix commands, and has extensions to detect intrusions that exploit trust relationships, as well as previously installed Trojan programs. BV performs at a false alarm rate more than two orders of magnitude lower than a reference signature verification system, while simultaneously increasing the detection rate from roughly 20% to 80% of user-to-superuser attacks.
Pages: 275-281
Number of pages: 7
Related papers
50 in total
  • [1] An evolutionary programming approach for detecting novel computer network attacks
    Anchor, KP
    Lamont, GB
    Gunsch, GH
    CEC'02: PROCEEDINGS OF THE 2002 CONGRESS ON EVOLUTIONARY COMPUTATION, VOLS 1 AND 2, 2002, : 1618 - 1623
  • [2] A Novel Algorithm for Detecting GSMem Attacks
    Zhu, Weijun
    Nie, Kai
    Ban, Shaohuan
    Fan, Yongwen
    Wang, Jianwei
    PROCEEDINGS OF 2017 8TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE (ICSESS 2017), 2017, : 855 - 858
  • [3] A visual algebra for detecting port attacks on computer systems
    Vert, G
    Yuan, B
    Cole, N
    COMPUTER APPLICATIONS IN INDUSTRY AND ENGINEERING, 2003, : 131 - 135
  • [4] Detecting novel network attacks with a data field
    Xie, Feng
    Bai, Shuo
    INTELLIGENCE AND SECURITY INFORMATICS, PROCEEDINGS, 2006, 3917 : 66 - 72
  • [5] Neural Networks Ensemble Approach for Detecting Attacks in Computer Networks
    Bukhtoyarov, Vladimir
    Semenkin, Eugene
    2012 IEEE CONGRESS ON EVOLUTIONARY COMPUTATION (CEC), 2012,
  • [6] Detecting Attacks on Computer Networks using Artificial Intelligence Algorithms
    Krolik, Lukasz
    Kedziora, Michal
    Mizera-Pietraszko, Jolanta
    Jozwiak, Ireneusz
    PROCEEDINGS OF 2022 14TH INTERNATIONAL CONFERENCE ON MANAGEMENT OF DIGITAL ECOSYSTEMS, MEDES 2022, 2022, : 110 - 114
  • [7] DISCOVERING, QUANTIFYING, AND DISPLAYING ATTACKS
    Vigo, Roberto
    Nielson, Flemming
    Nielson, Hanne Riis
    LOGICAL METHODS IN COMPUTER SCIENCE, 2016, 12 (04)
  • [8] A Novel Visualization Method for Detecting DDoS Network Attacks
    Zhang, Jiawan
    Yang, Guoqiang
    Lu, Liangfu
    Huang, MaoLin
    Che, Ming
    VISUAL INFORMATION COMMUNICATION, 2010, : 185 - +
  • [9] A novel approach to detecting DDoS attacks at an early stage
    Xiao, Bin
    Chen, Wei
    He, Yanxiang
    JOURNAL OF SUPERCOMPUTING, 2006, 36 (03): : 235 - 248
  • [10] A novel approach to detecting DDoS Attacks at an Early Stage
    Bin Xiao
    Wei Chen
    Yanxiang He
    The Journal of Supercomputing, 2006, 36 : 235 - 248