Detecting and displaying novel computer attacks with macroscope

Cited by: 5
Authors
Cunningham, RK [1]
Lippmann, RP [1]
Webster, SE [1]
Affiliation
[1] MIT, Lincoln Lab, Informat Syst Technol Grp, Lexington, MA 02420 USA
Keywords
bottleneck verification (BV); intrusion detection; security
DOI
10.1109/3468.935044
Chinese Library Classification number
TP3 [Computing technology, computer technology]
Discipline classification code
0812
Abstract
Macroscope is a network-based intrusion detection system that uses bottleneck verification (BV) to detect user-to-superuser attacks. BV detects novel computer attacks by looking for users performing high privilege operations without passing through legal "bottleneck" checkpoints that grant those privileges. Macroscope's BV implementation models many common Unix commands, and has extensions to detect intrusions that exploit trust relationships, as well as previously installed Trojan programs. BV performs at a false alarm rate more than two orders of magnitude lower than a reference signature verification system, while simultaneously increasing the detection rate from roughly 20% to 80% of user-to-superuser attacks.
Pages: 275 - 281
Number of pages: 7