Integrating intrusion detection and network management

IEEE Symposium Record on Network Operations and Management Symposium

Volumn , Issue , 2002, Pages 329-344

  Qin, Xinzhou ^a   Lee, Wenke ^a   Lewis, Lundy ^b   Cabrera, João B D ^c  

^a Georgia Institute of Technology   (United States)

^b Aprisma Management Technologies   (United States)

^c Scientific Systems Company   (United States)

Author keywords

Anomaly Detection; Distributed Denial of Service Attacks; Intrusion Detection; Intrusion Detection Agent; MIB II; Network Security Management

Indexed keywords

COMPUTER NETWORKS; COMPUTER SYSTEM FIREWALLS; CRYPTOGRAPHY; INFORMATION MANAGEMENT; SECURITY OF DATA;

INTRUSION DETECTION SYSTEMS (IDS);

DISTRIBUTED COMPUTER SYSTEMS;

EID: 0038048503     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (23)

1. E. Amoroso. Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Traps, Trace Back, and Response. Intrusion.Net Books, 1999.
2. D. Anderson, T. Frivold, and A. Valdes. Next-generation intrusion de-tection expert system (NIDES): A summary. Technical Report SRI-CSL-95-07, Computer Science Laboratory, SRI International, Menlo Park, California, May 1995.
3. J. P. Anderson. Computer security threat monitoring and surveillance. Technical report, James P. Anderson Company, Fort Washington, Pennsylvania, April 1980.
4. R. Bace. Intrusion Detection. Macmillan Technical Publishing, 2000.
5. K. Boudaoud, H. Labiod, R. Boutaba, and Z. Guessoum. Network security management with intelligent agents. In Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS 2000), April 2000.
6. A. Bronstein, J. Das, M. Duro, R. Friedrich, G. Kleyner, M. Mueller, S. Singhal, and I. Cohen. Self-aware services: Using Bayesian networks for detecting anomalies in Internet-based services. In Proceedings of IFIP/IEEE International Symposium on Integrated Network Management (IM 2001), May 2001.
7. J. B. D. Cabrera, L. Lewis, X. Qin, W. Lee, R. K. Prasanth, B. Ravichandran, and R. K. Mehra. Proactive detection of distributed denial of service attacks using MIB traffic variables - a feasibility study. In Proceedings of IFIP/IEEE International Symposium on Integrated Network Management (IM 2001), May 2001.
8. W. W. Cohen. Fast effective rule induction. In Machine Learning: the 12th International Conference, Lake Taho, CA, 1995. Morgan Kaufmann.
9. P.J. Criscuolo. Distributed denial of service - trin00, tribe flood network, tribe flood network 2000, and stacheldraht. Technical Report CIAC-2319, Department of Energy - CIAC (Computer Incident Advisory Capability), February 2000.
10. D. Denning. An intrusion detection model. IEEE Transactions on Software Engineering, 13(2), February 1987.
11. Zhi Fu, He Huang, Tsung-Li Wu, S. Felix Wu, Fengmin Gong, Chong Xu, and Ilia Baldine. Iscp: Design and implementation of an inter-domain security management agent coordination protocol. In Proceedings of IEEE/IFIP Network Operations and Management Symposium (NOMS 200), April 2000.
12. J. L. Hellerstein, F. Zhang, and P. Shahabuddin. An approach to predictive detection for service management. In Proceedings of the 6th IFIP/IEEE International Symposium on Integrated Network Management, May 1999.
13. L. L. Ho, D. J. Cavuto, S. Papavassiliou, M. Z. Hasan, F. E. Feather, and A. G. Zawadzki. Adaptive network/service fault detection in transaction-oriented wide area networks. In Proceedings of the 6th IFIP/IEEE International Symposium on Integrated Network Management, May 1999.
14. K. Ilgun, R. A. Kemmerer, and P. A. Porras. State transition analysis: A rule-based intrusion detection approach. IEEE Transactions on Software Engineering, 21(3):181-199, March 1995.
15. W. Lee, S. J. Stolfo, and K. W. Mok. A data mining framework for building intrusion detection models. In Proceedings of the 1999 IEEE Symposium on Security and Privacy, May 1999.
16. W. Lee and D. Xiang. Information-theroetic measures for anomaly detection. In Proceedings of the 2001 IEEE Symposium on Security and Privacy, May 2001.
17. V. Paxson. Experiences learned from bro. ;login: The USENIX Association Magazine, September 1999.
18. P. A. Porras and P. G. Neumann. EMERALD: Event monitoring enabling responses to anomalous live disturbances. In National Information Systems Security Conference, Baltimore MD, October 1997.
19. X. Qin, W. Lee, L. Lewis, and J. B.D. Cabrera. Using MIB II variables for network intrusion detection. In S. Jajodia and D. Barbarã, editors, Data Mining for Security Applications, Advances in Computer Security. Kluwer Academic Press, March 2002.
20. M. Subramanian. Network Management: Principles and Practice. Addison-Wesley, 2000.
21. SunSoft. SunSHIELD Basic Security Module Guide. SunSoft, Mountain View, CA, 1995.
22. M. Thottan and C. Ji. Proactive anomaly detection using distributed intelligent agents. IEEE Network, Special Issue on Network Management, April 1998.
23. C. Warrender, S. Forrest, and B. Pearlmutter. Detecting intrusions using system calls: Alternative data models. In Proceedings of the 1999 IEEE Symposium on Security and Privacy, May 1999.