From Signature-Based Towards Behaviour-Based Anomaly Detection (Extended Abstract)

Abstract

More and more information is continuously being transmitted and made accessible via computer data networks. Data networks have therefore become a critical point, with many associated risks and threats. One example is a temporary network outage caused by an intentional attack (such as a DDoS attack). Attacks may lead to server failures, which can mean a simple inability to provide required services but can also paralyse systems at the national level (as recently happened in Estonia and Georgia [1]). Another example of a possible threat is a loss of data credibility, e.g. through unauthorized access and manipulation of stolen data. Crucial elements of a data network can be taken over by an attacker, for instance by cracking a password and setting administrative access rights. Such activity can result in the network element being misused for illegal actions (e.g. phishing, botnets) or in continuous abuse of the network.

Document Details

Document Type
Technical Report
Publication Date
Nov 01, 2010
Accession Number
ADA584049

Entities

People

  • Jan Vykopal
  • Pavel Minarik

Organizations

  • Masaryk University

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Abstracts
  • Acquisition
  • Anomaly Detection
  • Application Protocols
  • Change Detection
  • Computer Network Security
  • Computer Security Techniques
  • Cyber Defense Techniques
  • Cyber Threats
  • Cybersecurity
  • Czech Republic
  • Deep Packet Inspection
  • Detection
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Educational Psychology