• DocumentCode
    2700580
  • Title

    Haystack: an intrusion detection system

  • Author

    Smaha, Stephen E.

  • Author_Institution
    Tracor Appl Sci. Inc., Austin, TX, USA
  • fYear
    1988
  • fDate
    12-16 Dec 1988
  • Firstpage
    37
  • Lastpage
    44
  • Abstract
    Haystack is a prototype system for the detection of intrusions in multiuser US Air Force computer systems. Haystack reduces voluminous system audit trails to short summaries of user behavior, anomalous events, and security incidents. This is designed to help the system security officer detect and investigate intrusions, particularly by insiders (authorized users). Haystacks´s operation is based on behavioral constraints imposed by security policies and on models of typical behavior for user groups and individual users
  • Keywords
    aerospace computing; human factors; multi-access systems; safety systems; security of data; Haystack; anomalous events; authorized users; behavioral constraints; individual users; intrusion detection system; multiuser US Air Force computer systems; prototype system; security incidents; security policies; system security officer; typical behavior; user behavior; user groups; voluminous system audit trails; Access control; Computer crime; Computer security; Government; Information security; Intrusion detection; Military computing; National security; Standards development; US Department of Defense;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Aerospace Computer Security Applications Conference, 1988., Fourth
  • Conference_Location
    Orlando, FL
  • Print_ISBN
    0-8186-0895-1
  • Type

    conf

  • DOI
    10.1109/ACSAC.1988.113412
  • Filename
    113412
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2700580