Lattice matching for detecting distributed intrusions
"Intrusion detection systems (IDS) are crucial components of the security mechanisms of today's computer systems. Intrusion detection has been an active field of research for about three decades. Existing research on intrusion detection has focused on sequential intrusions. However, intrusions can also be formed by concurrent interactions of multiple processes. Some of the intrusions caused by these events cannot be detected using sequential intrusion detection methods. Therefore, there is a need for a mechanism that views the concurrent system as a whole. L-BID (Lattice-based intrusion detection) is proposed to address this problem. In the L-BID framework, a library of intrusions and collected distributed system traces are represented as lattices. Then these lattices are compared in order to infer to the existence of intrusion in the collected distributed system traces. The similarity between these lattices is used as a quantitative metric for L-BID. The applicability of lattice matching method to the concurrent intrusion detection problem is investigated and the challenging aspects of this work are outlined"--Abstract, page iii.
Wilkerson, Ralph W.
Cheng, Maggie Xiaoyan
Stanley, R. Joe
Madison, Don H.
Ph. D. in Computer Science
Missouri University of Science and Technology
x, 103 pages
© 2008 Sule Simsek, All rights reserved.
Dissertation - Citation
Computer networks -- Security measures
Electronic data processing -- Distributed processing -- Security measures
Link to Catalog Record: http://merlin.lib.umsystem.edu/record=b6596381~S5
Full-text not available: Request this publication directly from Missouri S&T Library or contact your local library.
Simsek, Sule, "Lattice matching for detecting distributed intrusions" (2008). Doctoral Dissertations. 1762.