Lunt, 1990 - Google Patents
IDES: An intelligent system for detecting intrudersLunt, 1990
View PDF- Document ID
- 13194750809589968987
- Author
- Lunt T
- Publication year
- Publication venue
- Proceedings of the symposium: computer security, threat and countermeasures
External Links
Snippet
This paper describes a real-time intrusion-detection ezpert system (IDES) that observes user behavior on a monitored computer system and adaptively learns what is normal for individual users, groups, remote hosts, and the overall system behavior. Observed behavior …
- 238000001514 detection method 0 abstract description 25
Classifications
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B13/00—Burglar, theft or intruder alarms
- G08B13/18—Actuation by interference with heat, light or radiation of shorter wavelength; Actuation by intruding sources of heat, light or radiation of shorter wavelength
- G08B13/189—Actuation by interference with heat, light or radiation of shorter wavelength; Actuation by intruding sources of heat, light or radiation of shorter wavelength using passive radiation detection systems
- G08B13/194—Actuation by interference with heat, light or radiation of shorter wavelength; Actuation by intruding sources of heat, light or radiation of shorter wavelength using passive radiation detection systems using image scanning and comparing systems
- G08B13/196—Actuation by interference with heat, light or radiation of shorter wavelength; Actuation by intruding sources of heat, light or radiation of shorter wavelength using passive radiation detection systems using image scanning and comparing systems using television cameras
- G08B13/19654—Details concerning communication with a camera
- G08B13/19656—Network used to communicate with a camera, e.g. WAN, LAN, Internet
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B29/00—Checking or monitoring of signalling or alarm systems; Prevention or correction of operating errors, e.g. preventing unauthorised operation
- G08B29/18—Prevention or correction of operating errors
- G08B29/183—Single detectors using dual technologies
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B13/00—Burglar, theft or intruder alarms
- G08B13/02—Mechanical actuation
- G08B13/08—Mechanical actuation by opening, e.g. of door, of window, of drawer, of shutter, of curtain, of blind
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B25/00—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems
- G08B25/01—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems characterised by the transmission medium
- G08B25/10—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems characterised by the transmission medium using wireless transmission systems
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B25/00—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems
- G08B25/008—Alarm setting and unsetting, i.e. arming or disarming of the security system
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B13/00—Burglar, theft or intruder alarms
- G08B13/16—Actuation by interference with mechanical vibrations in air or other fluid
- G08B13/1654—Actuation by interference with mechanical vibrations in air or other fluid using passive vibration detection systems
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B29/00—Checking or monitoring of signalling or alarm systems; Prevention or correction of operating errors, e.g. preventing unauthorised operation
- G08B29/02—Monitoring continuously signalling or alarm systems
- G08B29/04—Monitoring of the detection circuits
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B15/00—Identifying, scaring or incapacitating burglars, thieves or intruders, e.g. by explosives
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B21/00—Alarms responsive to a single specified undesired or abnormal operating condition and not elsewhere provided for
- G08B21/02—Alarms for ensuring the safety of persons
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B17/00—Fire alarms; Alarms responsive to explosion
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Lunt | IDES: An intelligent system for detecting intruders | |
| Lunt | Automated audit trail analysis and intrusion detection: A survey | |
| Lunt | A survey of intrusion detection techniques | |
| Axelsson | Research in intrusion-detection systems: A survey | |
| Lunt | Detecting intruders in computer systems | |
| Salem et al. | A survey of insider attack detection research | |
| Yang et al. | Anomaly-based intrusion detection for SCADA systems | |
| US8443443B2 (en) | Security system and method for detecting intrusion in a computerized system | |
| Emran et al. | Robustness of Chi‐square and Canberra distance metrics for computer intrusion detection | |
| Ye et al. | Multivariate statistical analysis of audit trails for host-based intrusion detection | |
| Biermann et al. | A comparison of intrusion detection systems | |
| Lunt et al. | Ides: a progress report (intrusion-detection expert system) | |
| Ghosh et al. | Learning program behavior profiles for intrusion detection | |
| Leu et al. | An internal intrusion detection and protection system by using data mining and forensic techniques | |
| Ahmed et al. | Detecting Computer Intrusions Using Behavioral Biometrics. | |
| Mazzawi et al. | Anomaly detection in large databases using behavioral patterning | |
| Yu | A survey of anomaly intrusion detection techniques | |
| CN115225386A (en) | Business identification and risk analysis method and system based on event sequence correlation fusion | |
| Xie et al. | Seurat: A pointillist approach to anomaly detection | |
| US12113810B2 (en) | Autonomic incident response system | |
| Singh et al. | Sql injection detection and correction using machine learning techniques | |
| Rapaka et al. | Intrusion detection using radial basis function network on sequences of system calls | |
| Goonatilake et al. | Intrusion detection using the chi-square goodness-of-fit test for information assurance, network, forensics and software security | |
| Jin et al. | Architecture for data collection in database intrusion detection systems | |
| Ficco et al. | A weight-based symptom correlation approach to SQL injection attacks |