Real-Time Intrusion Detection with Emphasis on Insider Attacks

  • Conference paper
Computer Network Security (MMM-ACNS 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2776)

Abstract

Securing cyberspace from attacks is critical to the economy and well-being of any country. During the past few years, threats to cyberspace have risen dramatically. It is impossible to close all security loopholes in a computer system by building firewalls or using cryptographic techniques. As a result, intrusion detection has emerged as a key technique for cyber security. Currently there are more than 100 commercial tools and research prototypes for intrusion detection. These can be largely classified as either misuse or anomaly detection systems. While misuse detection looks for specific signs by comparing the current activity against a database of known activity, anomaly detection works by generating a reference line based on the system model and signaling significant deviations from it as intrusions. Both approaches rely on audit trails, which can be very large. Moreover, they are conventionally off-line and offer little in terms of strong deterrence in the face of attacks.

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Upadhyaya, S. (2003). Real-Time Intrusion Detection with Emphasis on Insider Attacks. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds) Computer Network Security. MMM-ACNS 2003. Lecture Notes in Computer Science, vol 2776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45215-7_6

  • DOI: https://doi.org/10.1007/978-3-540-45215-7_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40797-3

  • Online ISBN: 978-3-540-45215-7

  • eBook Packages: Springer Book Archive
