Title :
Computer network intrusion detection, assessment and prevention based on security dependency relation
Author :
Yau, Stephen S. ; Zhang, Xinyu
Author_Institution :
Dept. of Comput. Sci. & Eng., Arizona State Univ., Tempe, AZ, USA
Abstract :
An approach to detection, assessment and prevention of further intrusions of distributed intrusions in a computer network is presented. Our approach uses audit data from multiple network nodes and services. To achieve accurate results, inherent security relations among different network nodes should be considered. In our approach, the security dependency relation (SDR) is defined to describe these relations, and ripple effect analysis is used to detect, assess, and prevent intrusions based on SDRs. Agents are used to improve the scalability and efficiency of our approach
Keywords :
computer network management; safety systems; security of data; audit data; computer network intrusion detection; distributed intrusions; multiple network nodes; network nodes; ripple effect analysis; scalability; security dependency relation; security relations; Centralized control; Computer networks; Computer science; Computer security; Data analysis; Data security; Intrusion detection; Operating systems; Robustness; Scalability;
Conference_Titel :
Computer Software and Applications Conference, 1999. COMPSAC '99. Proceedings. The Twenty-Third Annual International
Conference_Location :
Phoenix, AZ
Print_ISBN :
0-7695-0368-3
DOI :
10.1109/CMPSAC.1999.812681
