Analysis of security data from a large computing organization

Proceedings of the International Conference on Dependable Systems and Networks

Volumn , Issue , 2011, Pages 506-517

  Sharma, A ^a   Kalbarczyk, Z ^a   Barlow, J ^a   Iyer, R ^a  

^a UNIVERSITY OF ILLINOIS AT URBANA CHAMPAIGN   (United States)

Author keywords

alerts; incident attack data analysis; large scale computing systems; security monitoring

Indexed keywords

ALERTS; AUTOMATED ANALYSIS; FORENSIC DATA; HUMAN EXPERTISE; IN-DEPTH STUDY; LARGE-COMPUTING; LARGE-SCALE COMPUTING SYSTEMS; MONITORING TOOLS; NATIONAL CENTER FOR SUPERCOMPUTING APPLICATIONS; SECURITY INCIDENT; SECURITY MONITORING; UNIVERSITY OF ILLINOIS;

COMPUTER CRIME; DATA REDUCTION; MONITORING;

SECURITY OF DATA;

EID: 80051938080     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DSN.2011.5958263     Document Type: Conference Paper

References (26)

1. Singer, A., "Life Without Firewalls," The Usenix Magazine, 28(6), 2003.
2. Allman M., Kreibich C., Paxson V., Sommer, R., Weaver N.: "Principles for Developing Comprehensive Network Visibility," USENIX Workshop on Hot Topics in Security, USENIX, 2008.
3. Bellovin, S. R., Cheswick, B.: Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Publishing, 1994.
4. Chen S., Kalbarczyk Z., Xu J., Iyer R. K., "A data-driven finite state machine model for analyzing security vulnerabilities," Int'l Conference on Dependable Systems and Networks, 2003.
5. Cohen, F. B.: Protection and Security on the Information Superhighway. John Wiley & Sons, New York (1995).
6. Cukier, M., Berthier, R, Panjwani, S., Tan, S.: A statistical analysis of attack data to separate attacks. Proc. Int'l Conference on Dependable Systems and Networks, (2006).
7. Cutts Jr. et al, United States Patent 5,193,175, March 9, 1993
8. DOE M-205: Cyber Security Incident Management Manual. Department of Energy (2010).
9. Gregorio-de Souza I., Berk, V. H., Giani A., et al., "Detection of Complex Cyber Attacks," SPIE 6201, 2006.
10. Zhou J., Heckman M., Reynolds B., Carlson A., and Bishop M., "Modeling Network Intrusion Detection Alerts for Correlation," ACM Trans. on Info. and Sys. Security 10(1), 2007.
11. Kendall K., Smith A. C., "A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems," MIT, Electrical and Computer Engineering. Cambridge 1999.
12. Kumar, S, Spafford, E., An application of pattern matching in intrusion detection. Purdue University, Tech. Rep, Department of Computer Sciences (1994).
13. Kumar, S. "Classification of intrusions," Purdue University, 1995.
14. Landwehr, C. et al., "A Taxonomy of Computer Security Flaws," ACM Computing Surveys, 26(3), 1994.
15. Ning P. and Xu D., "Learning Attack Strategies from Intrusion Alerts," 10th ACM Conference on Computer and Communications Security, 2003.
16. Paxson V., "Bro: A System for Detecting Network Intruders in Real-Time," Computer Networks, 1999.
17. Ruiu D., "Cautionary Tales: Stealth Coordinated Attack HOWTO," http://althing.cs.dartmouth.edu/secref/local/stealth-co-ordinatedattack.txt (1999).
18. Vaarandi R., "SEC-A Lightweight Event Correlation Tool," Workshop on IP Operations and Management, 2002.
19. Sung M., Haas M, Xu J. "Analysis of DoS attack traffic data," FIRST Conference, Hawaii, 2002.
20. th International Conference on Network and System Security, 2010.
21. Tidwell T., Larson R., Fitch K., and Hale J., "Modeling Internet Attacks," Workshop on Information Assurance and Security, 2001.
22. Templeton S.J., Levitt K., "A Requires/provides Model for Computer Attacks," New Security Paradigm Workshop (2000).
23. Treinen J., Thurimella R. "A framework for the Application of Association Rule Mining in Large Intrusion Detection Infrastructures," 9th Int'l Symposium on Recent Advances in Intrusion Detection, 4219 (2006).
24. Verizon Business Risk Team: 2010 Data Breach Investigations Report, http://www.verizonbusiness.com/resources/reports/rp-2010-data-breach-report-en- xg.pdf
25. Howard J. D., "An analysis of security incidents on the Internet 1989-1995," Carnegie Mellon University, Pittsburgh, PA, 1998
26. Eckmann S.T., G. Vigna, and R.A. Kemmerer, "STATL: An Attack Language for State-based Intrusion Detection," Workshop on Intrusion Detection Systems, Athens, Greece, 2000.