Penetration state transition analysis a rule-based intrusion detection approach

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn Part F146266, Issue , 1992, Pages 220-229

  Porras, Phillip A ^a   Kemmerer, Richard A ^b  

^a AEROSPACE CORPORATION   (United States)

^b UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

EXPERT SYSTEMS;

COMPUTER PENETRATIONS; INTRUSION DETECTION APPROACHES; NEW APPROACHES; RULE BASED; RULE BASED EXPERT SYSTEMS; STATE TRANSITION DIAGRAMS; STATE TRANSITIONS;

INTRUSION DETECTION;

EID: 84873309550     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.1992.228217     Document Type: Conference Paper

References (18)

1. J. P. Anderson, "Computer Security Threat Monitoring and Surveillance", James P. Anderson Co., Fort Washington, PA, April 1980.
2. M. Bishop, "Security Problem with the Unix Operating System", [Restricted Distribution], Department of Computer Science, Purdue University, West Lafayette, IN, April 1982.
3. K. Chen, S. C. Lu and H. S. Teng, "Adaptive Real-Time Anomaly Detection Using Inductively Generated Sequential Patterns", Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1989.
4. D. E. Denning and P. G. Neumann, "Requirements and Model for IDES - A Real-time Intrusion Detection Expert System", Technical Report, CSL, SRI International, August 1985.
5. L. R. Halme, T. F. Lunt, J. Van Home, "Analysis of Computer System Audit Trails - Intrusion Classification", Sytek Technical Report TR-85012, Mountain View, CA, October 1985.
6. B. Hubbard, T. Haley, N. McAuliffe, L. Schaefer, N. Kelem, D. Wolcott, R. Feiertag and M. Schaefer, "Computer System Intrusion Detection", Trusted Information Systems, Inc., RADC-TR-90-413 Final Technical Report, December 1990.
7. K. Ilgun, "USTAT: A Real-Time Intrusion Detection System for Unix", Masters Thesis, Computer Science Department, University of California, Santa Barbara, July 1992.
8. T. F. Lunt, "Automated Audit Trail Analysis and Intrusion Detection: A Survey", Proceedings of the 11th National Computer Security Conference, Baltimore, MD, October 1988.
9. T. F. Lunt, "Real-Time Intrusion Detection", Proceedings COMPCON, San Francisco, CA, February 1989.
10. T. F. Lunt, R. Jagannathan, R. Lee, and A. Whitehurst, "Knowledge-Based Intrusion Detection", Proceeding of the 1989 AI Systems in Government Conference, March 1989.
11. T. F. Lunt, A. Tamaru, F. Gilham, R. Jagannathan, C. Jalai, H. S. Javitz, A. Valdes, and P. G. Neumann, "A Real-Time Intrusion Detection Expert System", SRI CSL Technical Report, SRI-CSL-90-05, June 1990.
12. N. J. McAuliffe, L. J. Schaefer, D. M. Wolcott, T. K. Haley, N. L. Kelem and B. S. Hubbard, "Is Your Computer Being Misused? A Survey of Current Intrusion Detection System Technology", Proceedings of the Sixth Computer Security Applications Conference, December 1990.
13. B. G. Miller and P. E. Proctor, "A Requirements Oriented Analysis of Computer Misuse Detection Systems", presented at the Seventh Intrusion Detection Workshop, SRI International, Menlo Park, CA, May 1991.
14. P. G. Neumann, "A Comparative Anatomy of Computer System/Network Anomaly Detection Systems", CSL, SRI BN-168, Menlo Park, CA, May 1990.
15. P. A. Porras, "STAT - A State Transition Analysis Tool for Intrusion Detection", Masters Thesis, Computer Science Department, University of California, Santa Barbara, June 1992.
16. SunOS Release 4.1.1 C2 BSM-Patch, Revision A, December 1991.
17. Unix Programmer's Manual, 4.2 Berkeley Software Distribution, Virtual VAX-11 Version, Computer Science Division, Department of Electrical and Computer Sciences, University of California, Berkeley, CA, August 1983.
18. H. S. Vaccaro and G. E. Liepins, "Detection of Anomalous Computer Session Activity", Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, CA, May 1989.