Smaha et al., 1988 - Google Patents
Haystack: An intrusion detection system
Smaha et al., 1988
- Document ID
- 15656235999422790200
- Author
- Smaha S
- et al.
- Publication year
- Publication venue
- Fourth Aerospace Computer Security Applications Conference
Snippet
Haystack is a prototype system for the detection of intrusions. Haystack reduces voluminous system audit trails to short summaries of user behaviors, anomalous events, and security incidents. This is designed to help the System Security Officer (SSO) detect and investigate …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
Similar Documents
Publication | Title | Publication Date |
---|---|---|
Smaha | Haystack: An intrusion detection system | |
Lunt | Automated audit trail analysis and intrusion detection: A survey | |
Salem et al. | A survey of insider attack detection research | |
Lunt | A survey of intrusion detection techniques | |
Bertino et al. | Towards mechanisms for detection and prevention of data exfiltration by insiders: Keynote talk paper | |
Stolfo et al. | A comparative evaluation of two algorithms for windows registry anomaly detection | |
Price | HOST-BASED MISUSE DETECTION AND CONVENTIONAL OPERATING SYSTEMS' AUDIT DATA COLLECTION | |
Kaghazgaran et al. | Toward an Insider Threat Detection Framework Using Honey Permissions. | |
CN117708880A (en) | Intelligent security processing method and system for banking data | |
Mehnaz et al. | Ghostbuster: A fine-grained approach for anomaly detection in file system accesses | |
Ben Salem et al. | Masquerade attack detection using a search-behavior modeling approach | |
RU2610395C1 (en) | Method of computer security distributed events investigation | |
McAuliffe et al. | Is your computer being misused? A survey of current intrusion detection system technology | |
Fagade et al. | Malicious insider threat detection: A conceptual model | |
Singh et al. | Trust factor-based analysis of user behavior using sequential pattern mining for detecting intrusive transactions in databases | |
Jin et al. | Architecture for data collection in database intrusion detection systems | |
Choudhary et al. | Cyber Security With Emerging Technologies & Challenges | |
Franqueira et al. | External insider threat: A real security challenge in enterprise value webs | |
Furnell et al. | A conceptual architecture for real‐time intrusion monitoring | |
Rathod et al. | Database intrusion detection by transaction signature | |
Clyde | Insider threat identification systems | |
Gaines et al. | Some security principles and their application to computer security | |
Lunt | Using statistics to track intruders | |
Ben Salem | Towards effective masquerade attack detection | |
Fischer-Hübner et al. | Combining verified and adaptive system components towards more secure computer architectures |