The quality of log data is vital to the intrusion detection process. At the same time, it is very much affected by the capturing mechanism. Despite this, little research on the log mechanism itself is found in intrusion detection literature. With a few exceptions, log data discussions are reduced to a discussion concerning what type of data, e.g. host or network, is used as input to the detection system. This paper discusses the properties of the log mechanisms or intrusion detection input data. A detailed survey is made, where 44 log mechanisms are investigated. An extensive appendix provides both detailed information about each mechanism and references to the source of information for the mechanism. A taxonomy of log mechanism properties ...
ABSTRACT: Intrusion detection is an essential and important technique in research field. We propose ...
Activity logs can be used for intrusion detection; however, most previous work on intrusion detecti...
The sheer number of different attack vectors and large amount of data produced by computer systems m...
The quality of log data is vital to the intrusion detection process. At the same time, it is very muc...
Surprisingly few data collection mechanisms have been used for intrusion detection, and most systems...
This chapter aims at providing a clear and concise picture of data collection for intrusion detectio...
Log data adapted for intrusion detection is a little explored research issue despite its importance ...
The focus of this thesis is on data collection and in particular data collection for intrusion detec...
Computer security is an area of ever increasing importance. Our society relies on computerised servi...
Intrusion detection is an important part of networked systems security protection. Although commercia...
We propose a novel Intrusion Prevention System (IPS) which would base its knowledge and operation on...
We consider typical tasks that arise in the intrusion analysis of log data from the perspectives of ...
World Wide Web is widely accessed by people for accessing services, social networking and so on. All...