Doctoral Dissertations


Lattice matching for detecting distributed intrusions


Sule Simsek


"Intrusion detection systems (IDS) are crucial components of the security mechanisms of today's computer systems. Intrusion detection has been an active field of research for about three decades. Existing research on intrusion detection has focused on sequential intrusions. However, intrusions can also be formed by concurrent interactions of multiple processes. Some of the intrusions caused by these events cannot be detected using sequential intrusion detection methods. Therefore, there is a need for a mechanism that views the concurrent system as a whole. L-BID (Lattice-based intrusion detection) is proposed to address this problem. In the L-BID framework, a library of intrusions and collected distributed system traces are represented as lattices. Then these lattices are compared in order to infer to the existence of intrusion in the collected distributed system traces. The similarity between these lattices is used as a quantitative metric for L-BID. The applicability of lattice matching method to the concurrent intrusion detection problem is investigated and the challenging aspects of this work are outlined"--Abstract, page iii.


Wilkerson, Ralph W.

Committee Member(s)

Leopold, Jennifer
Cheng, Maggie Xiaoyan
Stanley, R. Joe
Madison, Don H.


Computer Science

Degree Name

Ph. D. in Computer Science


Missouri University of Science and Technology

Publication Date

Spring 2008


x, 103 pages

Note about bibliography

Includes bibliographical references (pages 97-102).


© 2008 Sule Simsek, All rights reserved.

Document Type

Dissertation - Citation

File Type




Subject Headings

Computer networks -- Security measures
Computer security
Electronic data processing -- Distributed processing -- Security measures
Lattice theory
Matching theory

Thesis Number

T 9394

Print OCLC #


Link to Catalog Record

Full-text not available: Request this publication directly from Missouri S&T Library or contact your local library.

This document is currently not available here.

Share My Dissertation If you are the author of this work and would like to grant permission to make it openly accessible to all, please click the button above.