Integrated access control and intrusion detection for web servers

IEEE Transactions on Parallel and Distributed Systems

Volumn 14, Issue 9, 2003, Pages 841-850

  Ryutov, Tatyana ^a   Neuman, Clifford ^a   Kim, Dongho ^a   Zhou, Li ^a  

^a UNIVERSITY OF SOUTHERN CALIFORNIA   (United States)

Author keywords

Access control; Apache web server; Authorization; Intrusion detection; Security policy

Indexed keywords

COMPUTER CRIME; COMPUTER PROGRAMMING LANGUAGES; SERVERS; TELECOMMUNICATION CONTROL; USER INTERFACES; WORLD WIDE WEB;

ACCESS CONTROL; AUTHORIZATION; INTRUSION DETECTION; WEB SERVERS;

SECURITY OF DATA;

EID: 0142071646     PISSN: 10459219     EISSN: None     Source Type: Journal    
DOI: 10.1109/TPDS.2003.1233707     Document Type: Article

References (7)

1. M. Almgren, H. Debar, and M. Dacier, "A Lightweight Tool for Detecting Web Server Attacks," Proc. Network and Distributed System Security Symp., 2000.
2. M. Almgren and U. Lindqvist, "Application-Integrated Data Collection for Security Monitoring," Proc. Fourth Int'l Symp. Recent Advances in Intrusion Detection, pp. 22-36, 2001.
3. R. Bace and P. Mell, "Intrusion Detection Systems," NIST Special Publication on Intrusion Detection Systems, Nat'l Inst. of Standards and Technology, 2001.
4. D.J. Burroughs, L.F. Wilson, and G.V. Cybenko, "Analysis of Distributed Intrusion Detection Systems Using Bayesian Methods," Proc. IEEE Int'l Performance Computing and Comm. Conf., Apr. 2002.
5. T.V. Ryutov and B.C. Neuman, "The Specification and Enforcement of Advanced Security Policies," Proc. Conf. Policies for Distributed Systems and Networks, 2002.
6. R. Thau, "Design Considerations for the Apache Server API," Proc. Fifth Int'l World Wide Web Conf., 1996.
7. Sanctum, Inc., http://www.sanctuminc.com, 2003.