Direction for Intrusion Detection and Response: A Survey

Abstract

This document presents a review of recent research into the automated detection of attacks on computers or networks of computers. It is now widely recognized that, despite efforts to secure computer systems against intruders through operating system protection, an increasing number of intrusion attempts are succeeding. Only through the careful monitoring of activity in a computation environment can such penetrations be detected and potentially repelled. We briefly describe some early attempts to provide such monitoring and then proceed to describe several research efforts that are currently underway to overcome the limitations of these classical systems. From an analysis of these new approaches we distill several core principles that are critical to the success of future detect-and-react systems.

Document Details

Document Type: Technical Report
Publication Date: Oct 01, 1997
Accession Number: ADA335058

Entities

People

  • Dean Englehardt

Organizations

  • Defence Science and Technology Group

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Abstracts
  • Acquisition
  • Air Force
  • Artificial Intelligence
  • Computer Networks
  • Cybersecurity
  • Detection
  • Electronics
  • Human Systems Integration
  • Information Security
  • Information Systems
  • Intrusion Detection
  • Intrusion Detectors
  • Operating Systems
  • Security Protocols
  • Systems Engineering
  • Warfare

Fields of Study

  • Computer science

Readers

  • Sensor Fusion and Tracking Systems
  • Systems Analysis and Design