Abstract
This paper presents an efficient implementation technique for presenting multivariate audit data needed by statistical-based intrusion detection systems. Multivariate data analysis is an important tool in statistical intrusion detection systems. Typically, multivariate statistical intrusion detection systems require visualization of the multivariate audit data in order to facilitate close inspection by security administrators during profile creation and intrusion alerts. However, when applying these intrusion detection schemes to web-based Internet applications, the space complexity of the visualization process is usually prohibiting due to the large number of resources managed by the web server. In order for the approach to be adopted effectively in practice, this paper presents an efficient technique that allows manipulation and visualization of a large amount of multivariate data. Experimental results show that our technique greatly reduces the space requirement of the visualization process, thus allowing the approach to be adopted for monitoring web-based Internet applications.
Keywords
Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Power, R.: 2002 CSI/FBI Computer Crime and Security Survey (2002), http://www.gocsi.com
Denning, D.E.: An intrusion detection model. IEEE Trans on Software Engineering SE-13, 222–232 (1987)
Cunningham, R.K., et al.: Evaluation Intrusion Detection Systems without Attacking your Friends: The 1998 DAPRA Intrusion Detection Evaluation, Lincoln Laboratory, MIT, USA (1998)
Biermann, E., Cloete, E., Venter, L.M.: A Comparison of Intrusion Detection Systems. Computers & Security 20, 676–683 (2001)
Ye, N., et al.: Multivariate Statistical Analysis of Audit Trails for Host-Based Intrusion Detection. IEEE Trans. on Computers 51(7) (2002)
Ye, N., et al.: Probabilistic Techniques for Intrusion Detection Based on Computer Audit Data. IEEE Transactions on Systems, Man, and Cybernetics – Part A: Systems and Humans 31(4) (2001)
Lam, K.-Y., Hui, L., Chung, S.-L.: Multivariate Data Analysis Software for Enhancing System Security. J. Systems Software 31, 267–275 (1995)
De Backer, S., Naud, A., Scheunders, P.: Non-linear dimensionality reduction techniques for unsupervised feature extraction. Pattern Recognition Letters 19, 711–720 (1998)
Girardin, L., Brodbeck, D.: A visual appraoch for monitoring logs. In: Proc. of the Twelth Systems Administration Conf., p. 299. USENIX Association, Berkeley (1998)
Jacob, B.: Linear Algebra. Freeman, New York (1990)
Golub, G.H., Yon Lean, C.F.: Matrix Computation. John Hopkins Univ Press, Baltimore (1983)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Guo, Z., Lam, KY., Chung, SL., Gu, M., Sun, JG. (2003). Efficient Presentation of Multivariate Audit Data for Intrusion Detection of Web-Based Internet Services. In: Zhou, J., Yung, M., Han, Y. (eds) Applied Cryptography and Network Security. ACNS 2003. Lecture Notes in Computer Science, vol 2846. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45203-4_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-45203-4_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20208-0
Online ISBN: 978-3-540-45203-4
eBook Packages: Springer Book Archive