- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems. The first contribution is an abstraction-based approach to addressing heterogeneity and autonomy of distributed environments. The second contribution is a formal framework for modeling requests among cooperative IDSs and its application to Common Intrusion Detection Framework (CIDF). The third contribution is a novel approach to coordinating different IDSs for distributed event correlation.
Contents
Dedication.- List of Figures.- List of Tables.- Preface.- Acknowledgments.- 1. INTRODUCTION.- 1 Computer Security and Intrusion Detection.- 2 Intrusion Detection in Distributed Systems.- 3 Summary of Contributions.- 4 Organization.- 2. AN OVERVIEW OF RELATED RESEARCH.- 3. SYSTEM VIEW AND EVENT HISTORY.- 1 System View and Event History.- 4. MODELING REQUEST AMONG COOPERATING INTRUSION DETECTION SYSTEMS.- 1 Query.- 2 Scaling to Large and Heterogeneous Environments.- 3 Discussion.- 5. EXTENDING COMMON INTRUSION DETECTION FRAMEWORK (CIDF) TO SUPPORT QUERIES.- 1 Background.- 2 A Query Facility for CIDF.- 3 Impact on CIDF.- 6. A HIERARCHICAL MODEL FOR DISTRIBUTED ATTACKS.- 1 Misuse Signature.- 2 Defining System Views Using Signatures: A Hierarchical Model.- 3 Discussion.- 7. DECENTRALIZED DETECTION OF DISTRIBUTED ATTACKS.- 1 Serializable Signatures.- 2 Detection Task and Workflow Tree.- 3 Execution of Detection Tasks.- 4 Optimization.- 5 Generating Workflow Tree.- 8. CARDS: AN EXPERIMENTAL SYSTEM FOR DETECTING DISTRIBUTED ATTACKS.- 1 CARDS Architecture.- 2 System Design Issues.- 3 Prototype Implementation.- 9. CONCLUSION.- Appendices.- References.
