Defending Against Novel Information Attacks: Prototype Development and Analysis
Abstract
The objective of this project was to develop appropriate techniques for defending information systems from various types of attacks. On the intrusion detection front, the authors developed nonsignature-based attack detection mechanisms to protect information integrity in systems. These methods used Petri net and data mining techniques to identify various attacks. The authors also developed a generalized model for understanding different types of computer viruses to help them develop techniques to protect information systems from those viruses. In addition to attack detection methods, appropriate response techniques were developed that, when applied after discovering an attack, would aid in returning the affected system to normal operating conditions. The following key research activities were accomplished as a result of this project: (1) transaction semantic analysis for profiling transactions, (2) identification of malicious transactions in a database system, (3) use of data mining techniques for database intrusion detection, (4) mining data relationships for database damage assessment, (5) bit matrix structure for damage assessment in a centralized system, (6) distributed and parallel damage assessment using pre-developed bit matrix structure, (7) damage assessment models for distributed database systems, (8) hybrid log segmentation for databases suffering frequent attacks, (9) fuzzy recovery model for critical information systems, (10) fuzzy dependencies in databases and their applications in damage assessment and recovery, (11) damage assessment and recovery using information flow model, and (12) computer virus classification and network viruses.
Document Details
- Document Type: Technical Report
- Publication Date: Jan 31, 2005
- Accession Number: ADA430505
Entities
People
- Brajendra Panda
- Thomas Wiggen
Organizations
- University of North Dakota