Abstract
A model designed for the analysis of intrusion detection methods is described. The model also helps validate such methods and estimate their complexity. In terms of this model, a new intrusion detection method is proposed, its validity is proved, and its computational complexity is evaluated. It differs from the available expert-based methods in that it does not impose constraints on the behavior being detected and makes it possible to detect unknown or modified attacks.
Additional information
Original Russian Text © D. Yu. Gamayunov, R. L. Smelyanskii, 2007, published in Programmirovanie, 2007, Vol. 33, No. 4.
About this article
Cite this article
Gamayunov, D.Y., Smelyanskii, R.L. A model of the behavior of network objects in distributed computer systems. Program Comput Soft 33, 195–203 (2007). https://doi.org/10.1134/S0361768807040020
DOI: https://doi.org/10.1134/S0361768807040020