A network security monitor
This study concentrates on the security-related issues in a single broadcast LAN (local area network) such as Ethernet. The authors formalize various possible network attacks. Their basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the h...
Gespeichert in:
| Hauptverfasser: | , , , , , |
|---|---|
| Format: | Tagungsbericht |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 304 |
|---|---|
| container_issue | |
| container_start_page | 296 |
| container_title | |
| container_volume | |
| creator | Heberlein, L.T. Dias, G.V. Levitt, K.N. Mukherjee, B. Wood, J. Wolber, D. |
| description | This study concentrates on the security-related issues in a single broadcast LAN (local area network) such as Ethernet. The authors formalize various possible network attacks. Their basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, the work is similar to the host-based intrusion-detection systems. Different from such systems, however, is the use of a hierarchical model to refine the focus of the intrusion-detection mechanism. The authors also report on the development of an experimental LAN monitor currently under implementation. Several network attacks have been simulated, and results on how the monitor has been able to detect these attacks are analyzed. Initial results demonstrate that many network attacks are detectable with the authors' monitor, although it can be defeated.< > |
| doi_str_mv | 10.1109/RISP.1990.63859 |
| format | Conference Proceeding |
| fullrecord | <record><control><sourceid>ieee_6IE</sourceid><recordid>TN_cdi_ieee_primary_63859</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>63859</ieee_id><sourcerecordid>63859</sourcerecordid><originalsourceid>FETCH-LOGICAL-c258t-9d69d1d128089b5a87f003532db866285bd574980c4e15f30487cd6dba88d8f83</originalsourceid><addsrcrecordid>eNotjs1qwkAURgdKwWKzLnaVF0i8d37vXYpYFYSK2rUkmQmkrUYmEfHtK9pvc3bnfEK8IeSIwOPNcrvOkRlyq8jwk0jYERCSlWDBDUTSdd9wm1YGNbyI90l6DP2ljT9pF6pzbPpremiPTd_GV_FcF79dSP45FF8fs910ka0-58vpZJVV0lCfsbfs0aO8dbg0BbkaQBklfUnWSjKlN04zQaUDmlqBJld568uCyFNNaihGD28TQtifYnMo4nV__6_-APj0OOs</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>A network security monitor</title><source>IEEE Electronic Library (IEL) Conference Proceedings</source><creator>Heberlein, L.T. ; Dias, G.V. ; Levitt, K.N. ; Mukherjee, B. ; Wood, J. ; Wolber, D.</creator><creatorcontrib>Heberlein, L.T. ; Dias, G.V. ; Levitt, K.N. ; Mukherjee, B. ; Wood, J. ; Wolber, D.</creatorcontrib><description>This study concentrates on the security-related issues in a single broadcast LAN (local area network) such as Ethernet. The authors formalize various possible network attacks. Their basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, the work is similar to the host-based intrusion-detection systems. Different from such systems, however, is the use of a hierarchical model to refine the focus of the intrusion-detection mechanism. The authors also report on the development of an experimental LAN monitor currently under implementation. Several network attacks have been simulated, and results on how the monitor has been able to detect these attacks are analyzed. Initial results demonstrate that many network attacks are detectable with the authors' monitor, although it can be defeated.< ></description><identifier>ISBN: 9780818620607</identifier><identifier>ISBN: 0818620609</identifier><identifier>DOI: 10.1109/RISP.1990.63859</identifier><language>eng</language><publisher>IEEE Comput. Soc. Press</publisher><subject>Area measurement ; Broadcasting ; Computer networks ; Computer science ; Computer security ; Computerized monitoring ; Ethernet networks ; Information security ; Local area networks ; Wide area networks</subject><ispartof>Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy, 1990, p.296-304</ispartof><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c258t-9d69d1d128089b5a87f003532db866285bd574980c4e15f30487cd6dba88d8f83</citedby></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/63859$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,776,780,785,786,2052,4036,4037,27902,54895</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/63859$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Heberlein, L.T.</creatorcontrib><creatorcontrib>Dias, G.V.</creatorcontrib><creatorcontrib>Levitt, K.N.</creatorcontrib><creatorcontrib>Mukherjee, B.</creatorcontrib><creatorcontrib>Wood, J.</creatorcontrib><creatorcontrib>Wolber, D.</creatorcontrib><title>A network security monitor</title><title>Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy</title><addtitle>RISP</addtitle><description>This study concentrates on the security-related issues in a single broadcast LAN (local area network) such as Ethernet. The authors formalize various possible network attacks. Their basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, the work is similar to the host-based intrusion-detection systems. Different from such systems, however, is the use of a hierarchical model to refine the focus of the intrusion-detection mechanism. The authors also report on the development of an experimental LAN monitor currently under implementation. Several network attacks have been simulated, and results on how the monitor has been able to detect these attacks are analyzed. Initial results demonstrate that many network attacks are detectable with the authors' monitor, although it can be defeated.< ></description><subject>Area measurement</subject><subject>Broadcasting</subject><subject>Computer networks</subject><subject>Computer science</subject><subject>Computer security</subject><subject>Computerized monitoring</subject><subject>Ethernet networks</subject><subject>Information security</subject><subject>Local area networks</subject><subject>Wide area networks</subject><isbn>9780818620607</isbn><isbn>0818620609</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>1990</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><sourceid>RIE</sourceid><recordid>eNotjs1qwkAURgdKwWKzLnaVF0i8d37vXYpYFYSK2rUkmQmkrUYmEfHtK9pvc3bnfEK8IeSIwOPNcrvOkRlyq8jwk0jYERCSlWDBDUTSdd9wm1YGNbyI90l6DP2ljT9pF6pzbPpremiPTd_GV_FcF79dSP45FF8fs910ka0-58vpZJVV0lCfsbfs0aO8dbg0BbkaQBklfUnWSjKlN04zQaUDmlqBJld568uCyFNNaihGD28TQtifYnMo4nV__6_-APj0OOs</recordid><startdate>1990</startdate><enddate>1990</enddate><creator>Heberlein, L.T.</creator><creator>Dias, G.V.</creator><creator>Levitt, K.N.</creator><creator>Mukherjee, B.</creator><creator>Wood, J.</creator><creator>Wolber, D.</creator><general>IEEE Comput. Soc. Press</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>1990</creationdate><title>A network security monitor</title><author>Heberlein, L.T. ; Dias, G.V. ; Levitt, K.N. ; Mukherjee, B. ; Wood, J. ; Wolber, D.</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c258t-9d69d1d128089b5a87f003532db866285bd574980c4e15f30487cd6dba88d8f83</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>1990</creationdate><topic>Area measurement</topic><topic>Broadcasting</topic><topic>Computer networks</topic><topic>Computer science</topic><topic>Computer security</topic><topic>Computerized monitoring</topic><topic>Ethernet networks</topic><topic>Information security</topic><topic>Local area networks</topic><topic>Wide area networks</topic><toplevel>online_resources</toplevel><creatorcontrib>Heberlein, L.T.</creatorcontrib><creatorcontrib>Dias, G.V.</creatorcontrib><creatorcontrib>Levitt, K.N.</creatorcontrib><creatorcontrib>Mukherjee, B.</creatorcontrib><creatorcontrib>Wood, J.</creatorcontrib><creatorcontrib>Wolber, D.</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Heberlein, L.T.</au><au>Dias, G.V.</au><au>Levitt, K.N.</au><au>Mukherjee, B.</au><au>Wood, J.</au><au>Wolber, D.</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>A network security monitor</atitle><btitle>Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy</btitle><stitle>RISP</stitle><date>1990</date><risdate>1990</risdate><spage>296</spage><epage>304</epage><pages>296-304</pages><isbn>9780818620607</isbn><isbn>0818620609</isbn><abstract>This study concentrates on the security-related issues in a single broadcast LAN (local area network) such as Ethernet. The authors formalize various possible network attacks. Their basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, the work is similar to the host-based intrusion-detection systems. Different from such systems, however, is the use of a hierarchical model to refine the focus of the intrusion-detection mechanism. The authors also report on the development of an experimental LAN monitor currently under implementation. Several network attacks have been simulated, and results on how the monitor has been able to detect these attacks are analyzed. Initial results demonstrate that many network attacks are detectable with the authors' monitor, although it can be defeated.< ></abstract><pub>IEEE Comput. Soc. Press</pub><doi>10.1109/RISP.1990.63859</doi><tpages>9</tpages><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | ISBN: 9780818620607 |
| ispartof | Proceedings. 1990 IEEE Computer Society Symposium on Research in Security and Privacy, 1990, p.296-304 |
| issn | |
| language | eng |
| recordid | cdi_ieee_primary_63859 |
| source | IEEE Electronic Library (IEL) Conference Proceedings |
| subjects | Area measurement Broadcasting Computer networks Computer science Computer security Computerized monitoring Ethernet networks Information security Local area networks Wide area networks |
| title | A network security monitor |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-11T20%3A34%3A20IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=A%20network%20security%20monitor&rft.btitle=Proceedings.%201990%20IEEE%20Computer%20Society%20Symposium%20on%20Research%20in%20Security%20and%20Privacy&rft.au=Heberlein,%20L.T.&rft.date=1990&rft.spage=296&rft.epage=304&rft.pages=296-304&rft.isbn=9780818620607&rft.isbn_list=0818620609&rft_id=info:doi/10.1109/RISP.1990.63859&rft_dat=%3Cieee_6IE%3E63859%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=63859&rfr_iscdi=true |