Sciweavers

ACSAC
1998
IEEE

Detecting Anomalous and Unknown Intrusions Against Programs

14 years 4 months ago
Detecting Anomalous and Unknown Intrusions Against Programs
The ubiquity of the Internet connection to desktops has been both boon to business as well as cause for concern for the security of digital assets that may be unknowingly exposed. Firewalls have been the most commonly deployed solution to secure corporate assets against intrusions, but rewalls are vulnerable to errors in con guration, ambiguous security policies, data-driven attacks through allowed services, and insider attacks. The failure of rewalls to adequately protect digital assets from computer-based attacks has been boon to commercial intrusion detection tools. Two general approaches to detecting computer security intrusions in real-time are misuse detection and anomaly detection. Misuse detection attempts to detect known attacks against computer systems. Anomaly detection uses knowledge of users' normal behavior to detect attempted attacks. The primary advantage of anomaly detection over misuse detection methods is the ability to detect novel and unknown intrusions. This...
Anup K. Gosh, James Wanken, Frank Charron
Added 04 Aug 2010
Updated 04 Aug 2010
Type Conference
Year 1998
Where ACSAC
Authors Anup K. Gosh, James Wanken, Frank Charron
Comments (0)