Control and estimation methods in information assurance - A tutorial on intrusion detection systems

Proceedings of the IEEE Conference on Decision and Control

Volumn 2, Issue , 2002, Pages 1402-1407

  Cabrera, Jaõo B D ^a   Mehra, Raman K ^a  

^a Scientific Systems Company   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CONGESTION CONTROL (COMMUNICATION); ESTIMATION; FEEDBACK; INFORMATION SCIENCE; MANAGEMENT INFORMATION SYSTEMS; PROBABILITY;

INFORMATION ASSURANCE; INTRUSION DETECTION SYSTEMS;

SECURITY OF DATA;

EID: 0036994338     PISSN: 01912216     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (41)

1. T. F. Abdelhazer, K. G. Shin, and N. Bhatti. Performance Guarantees for Web-Server End-Systems: A Control-Theoretical Approach. IEEE Transactions on Parallel and Distributed Systems, 2002. To appear.
2. J. Allen, A. Christie, W. Fithen, J. McHugh, J. Pickel, and E. Stoner. State of the Practice of Intrusion Detection Technologies. Technical Report CMU/SEI-99-TR-028, Carnegie Mellon University - Software Engineering Institute, January 2000.
3. J. P. Anderson. Computer security threat monitoring and surveillance. Technical report, James P. Anderson Co., 1980. Contract No. 79F26400.
4. S. Axelsson. The base-rate fallacy and its implications for the difficulty of intrusion detection. In Proceedings of the 6th ACM Conference on Computer and Communications Security, Singapore, November 1999.
5. S. Axelsson. A Preliminary Attempt to Apply Detection and Estimation Theory to Intrusion Detection. Technical Report 00-4, Department of Computer Engineering - Chalmers University of Technology, Sweden, March 2000.
6. S. Axelsson. Intrusion Detection Systems: A Taxonomy and Survey. Technical Report 99-15, Department of Computer Engineering - Chalmers University of Technology, Sweden, March 2000.
7. J. B. D. Cabrera, W. Lee, R. K. Prasanth, L. Lewis, and R. K. Mehra. Optimization and Control Problems in Real Time Intrusion Detection. In Proceedings of the 41st IEEE Conference on Decision and Control, Las Vegas, NV, December 2002.
8. J. B. D. Cabrera, L. Lewis, and R. K. Mehra. Detection and Classification of Intrusions and Faults using Sequences of System Calls. In ACM SIGMOD Record Special Issue on Data Mining for Instrusion Detection, Security and Threat Analysis, December 2001.
9. J. B. D. Cabrera, L. Lewis, X. Qin, W. Lee, and R. K. Mehra. Proactive Intrusion Detection and Distributed Denial of Service Attacks - A Case Study in Security Management. Journal of Network and Systems Management, 10(2):225-254, June 2002.
10. J. B. D. Cabrera, L. Lewis, X. Qin, W. Lee, R. K. Prasanth, B. Ravichandran, and R. K. Mehra. Proactive Detection of Distributed Denial of Service Attacks using MIB Traffic Variables - A Feasibility Study. In Proceedings of the Seventh IFIP/IEEE International Symposium on Integrated Network Management, pages 609-622, Seattle, WA, May 2001.
11. J. D. B. Cabrera, B. Ravichandran, and R. K. Mehra. Statistical Traffic Modeling for Network Intrusion Detection. In Proceedings of the Eighth International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunications Systems, pages 466-473, San Francisco, CA, August 2000. IEEE Computer Society.
12. C. L. Compton and D. L. Tennenhouse. Collaborative load shedding for media-based applications. In Proceedings of the International Conference on Multimedia Computing and Systems, Boston, MA, May 1994.
13. H. Debar, M. Dacier, and A. Wespi. Towards a Taxonomy of Intrusion-Detection Systems. Computer Networks, 31:805-822, 1999.
14. D. Denning. An intrusion detection model. IEEE Transactions on Software Engineering, 13(2):222-232, February 1987.
15. W. Fan, W. Lee, S. J. Stolfo, and M. Miller. A multiple-model cost-sensitive approach for intrusion detection. In Proceedings of the Eleventh European Conference on Machine Learning, 2000.
16. J. Hamilton. Time Series Analysis. Princeton University Press, 1994.
17. J. E. Gaffney, Jr. and J. W. Ulvila. Evaluation of Intrusion Detectors: A Decision Theory Approach. In Proceedings of the IEEE Symposium on Security and Privacy, May 2001.
18. J. R. James. Thoughts on information operation detection as a nonlinear, mixed-signal identification problem: a control systems view. In Proceedings of the 2000 IEEE Symposium on CACSD, Anchorage, AK, September 2000.
19. K. Kendall. A database of computer attacks for the evaluation of intrusion detection systems. Master's thesis, Massachusetts Institute of Technology, June 1999.
20. S. Kent. On the trail of intrusions into information systems. IEEE Spectrum, pages 52-56, December 2000.
21. C. Ko. Logic induction of valid behavior specifications for intrusion detection. In Proceedings of the IEEE Symposium on Security and Privacy, 2000.
22. W. Lee, J. B. D. Cabrera, A. Thomas, N. Balwalli, S. Saluja, and Y. Zhang. Performance Adaptation in Real-Time Intrusion Detection Systems. In Proceedings of the 5th International Symposium on Recent Advances in Intrusion Detection (RAID 2002), Zurich, Switzerland, October 2002.
23. W. Lee, W. Fan, M. Miller, S. J. Stolfo, and E. Zadok. Toward Cost-Sensitive Modeling for Intrusion Detection and Response. Journal of Computer Security, 2002. In Press.
24. W. Lee and S. J. Stolfo. A Framework for Constructing Features and Models for Intrusion Detection Systems. ACM Transactions on Information and Systems, 3(4), November 2000.
25. W. Lee, S. J. Stolfo, and P. K. Chan. Learning Patterns from Unix Process Execution Traces for Intrusion Detection. In Proceedings of the AAAI Workshop on AI Methods in Fraud and Risk Management, pages 50-56, July 1997.
26. K. N. Levitt and S. Cheung. Common techniques in fault-tolerance and security. In Proceedings of the Fourth Conference on Dependable Computing for Critical Applications, pages 373-377, San Diego, CA, January 1994.
27. R. P. Lippman, D. Fried, I. Graf, J. W. Haines, K. R. Kendall, D. McClung, D. Weber, S. E. Webster, D. Wyschogrod, Evaluating Intrusion Detection Systems: The 1998 DARPA Off-Line Intrusion Detection Evaluation. In Proceedings of the 2000 DARPA Information Survivability Conference and Exposition, volume 2, 2000.
28. S. H. Low, F. Paganini, and J. C. Doyle. Internet Congestion Control. IEEE Control Systems Magazine, 22(1):28-43, February 2002.
29. T. Lunt. Automated audit trail analysis and intrusion detection: A survey. In Proceedings of the 11th National Computer Security Conference, pages 65-73, October 1988.
30. S. Martello and P. Toth. Knapsack Problems: Algorithms and Computer Implementations. John Wiley & Sons, Inc., 1990.
31. R. K. Mukkamala, J. Gagnon, and S. Jajodia. Integrating Data Mining Techniques with Intrusion Detection. In V. Atluri and J. Hale, editors, Research Advances in Database and Information Systems Security, pages 33-46. Kluwer Publishers, 2000.
32. S. Northcutt. Network Intrusion Detection - An Analyst's Handbook. New Riders Publishing, 1999.
33. V. Paxson. Bro: A system for detecting network intruders in real-time. Computer Networks, 31:2435-2463, December 1999.
34. J. Pratt, H. Raiffa, and R. Schlaifer. Introduction to Statistical Decision Theory. MIT Press, Cambridge, MA, 1995.
35. N.J. Puketza, K. Zhang, M. Chung, B. Mukherjee, and R. O. Olsson. A Methodology for Testing Intrusion Detection Systems. IEEE Transactions on Software Engineering, October 1996.
36. M. Roesch. Snort - Lightweight intrusion detection for networks. In Proceedings of the USENIX LISA Conference, 1999.
37. J. H. Saltzer and M. D. Schroeder. The Protection of Information in Computer Systems. Proceedings of the IEEE, 63(9):1278-1308, September 1975.
38. D. Schnakenberg, K. Djahandari, and D. Sterne. Infrastructure for intrusion detection and response. In Proceedings of DARPA Information Survivability Conference and Exposition, Hilton Head Island, SC, January 2000.
39. F. B. Schneider, editor. Trust in Cyberspace. National Academy Press, 1998.
40. P. Uppuluri and R. Sekar. Experiences with Specification-based Intrusion Detection. In Recent Advances in Intrusion Detection (RAID 2001). Springer-Verlag, Lecture Notes in Computer Science, Number 2212, 2001.
41. J. Walrand and P. Varaiya. High-Performance Communication Networks. Morgan Kaufmann Publishers, Inc., First edition, 1996.