SCOPUS 정보 검색 플랫폼

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2001-January, Issue , 2001, Pages 240-251

EXpert-BSM: A host-based intrusion detection solution for Sun Solaris

(2) Lindqvist, Ulf a Porras, Phillip A a

Author keywords

Data security; Electronic switching systems; Expert systems; Intrusion detection; Laboratories; Remote monitoring; Secure storage; Sun; Surveillance; Trademarks

Indexed keywords

DIGITAL STORAGE; EXPERT SYSTEMS; KNOWLEDGE BASED SYSTEMS; LABORATORIES; MERCURY (METAL); NETWORK SECURITY; SECURITY OF DATA; SECURITY SYSTEMS; SPACE SURVEILLANCE; SUN; TRADEMARKS;

DECENTRALIZED MANAGEMENT; DIRECT MONITORING; ELECTRONIC SWITCHING SYSTEMS; HOST-BASED INTRUSION DETECTION; PRODUCTION ENVIRONMENTS; REMOTE MONITORING; SECONDARY STORAGE; SECURE STORAGE;

INTRUSION DETECTION;

EID: 84949211287 PISSN: 10639527 EISSN: None Source Type: Conference Proceeding
DOI: 10.1109/ACSAC.2001.991540 Document Type: Conference Paper

Times cited : (35)

References (23)

1
- 0006103497
- A standard audit trail format
- Baltimore, Maryland, Oct. 10-13,. National Institute of Standards and Technology/National Computer Security Center
- M. Bishop. A standard audit trail format. In Proceedings of the 18th National Information Systems Security Conference, pages 136-145, Baltimore, Maryland, Oct. 10-13, 1995. National Institute of Standards and Technology/National Computer Security Center
- (1995) Proceedings of the 18th National Information Systems Security Conference , pp. 136-145
- Bishop, M.¹

2
- 84958742099
- A tool for pro-active defense against the buffer overrun attack
- J.-J. Quisquater et al., editors, Louvainla-Neuve, Belgium, Sept. 16-18, Springer-Verlag
- D. Bruschi, E. Rosti, and R. Banfi. A tool for pro-active defense against the buffer overrun attack. In J.-J. Quisquater et al., editors, Computer Security-Proceedings of ESORICS 98, volume 1485 of LNCS, pages 17-31, Louvainla-Neuve, Belgium, Sept. 16-18, 1998. Springer-Verlag
- (1998) Computer Security-Proceedings of ESORICS 98, Volume 1485 of LNCS , pp. 17-31
- Bruschi, D.¹ Rosti, E.² Banfi, R.³

3
- 63449132197
- Carnegie Mellon University, Pittsburgh, PA 15213-3890, USA. Buffer Overflow in Sun Solstice AdminSuite Daemon sadmind, Dec. 14, . CERT Advisory CA-1999-16
- CERT Coordination Center, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA 15213-3890, USA. Buffer Overflow in Sun Solstice AdminSuite Daemon sadmind, Dec. 14, 1999. CERT Advisory CA-1999-16, http: //www.cert.org/advisories/CA-1999-16.html
- (1999) Software Engineering Institute

4
- 0006025721
- Identification of host audit data to detect attacks on low-level IP vulnerabilities
- T. E. Daniels and E. H. Spafford. Identification of host audit data to detect attacks on low-level IP vulnerabilities. Journal of Computer Security, 7(1):3-35, 1999
- (1999) Journal of Computer Security , vol.7 , Issue.1 , pp. 3-35
- Daniels, T.E.¹ Spafford, E.H.²

5
- 84949279539
- June 14
- J. de Haas. Vulnerability in Solaris ufsrestore. Bugtraq, June 14, 2000. http://archives.neohapsis.com/archives/ bugtraq/2000-06/0114.html
- (2000) Vulnerability in Solaris Ufsrestore
- De Haas, J.¹

6
- 79953123891
- Better logging through formality: Applying formal specification techniques to improve audit logs and log consumers
- H. Debar, L. Me, and S. F. Wu, editors Toulouse, France, Oct. 2-4, . Springer-Verlag
- C. Flack and M. J. Atallah. Better logging through formality: Applying formal specification techniques to improve audit logs and log consumers. In H. Debar, L. Me, and S. F. Wu, editors, Recent Advances in Intrusion Detection (RAID 2000), volume 1907 of LNCS, pages 1-16, Toulouse, France, Oct. 2-4, 2000. Springer-Verlag
- (2000) Recent Advances in Intrusion Detection (RAID 2000), Volume 1907 of LNCS , pp. 1-16
- Flack, C.¹ Atallah, M.J.²

7
- 84969573885
- ASAX: Software architecture and rule-based language for universal audit trail analysis
- Y. Deswarte et al., editors, Toulouse, France, Nov. 23-25, . Springer-Verlag
- J. Habra, B. Le Charlier, A. Mounji, and I. Mathieu. ASAX: Software architecture and rule-based language for universal audit trail analysis. In Y. Deswarte et al., editors, Computer Security-Proceedings of ESORICS 92, volume 648 of LNCS, pages 435-450, Toulouse, France, Nov. 23-25, 1992. Springer-Verlag
- (1992) Computer Security-Proceedings of ESORICS 92, Volume 648 of LNCS , pp. 435-450
- Habra, J.¹ Le Charlier, B.² Mounji, A.³ Mathieu, I.⁴

8
- 0024984013
- A network security monitor
- Oakland, California, May 7-9
- L. T. Heberlein et al. A network security monitor. In Proceedings of the 1990 IEEE Symposium on Security and Privacy, pages 296-304, Oakland, California, May 7-9, 1990
- (1990) Proceedings of the 1990 IEEE Symposium on Security and Privacy , pp. 296-304
- Heberlein, L.T.¹

9
- 0027150412
- USTAT: A real-time intrusion detection system for UNIX
- Oakland, California, May 24-26
- K. Ilgun. USTAT: A real-time intrusion detection system for UNIX. In Proceedings of the 1993 IEEE Symposium on Security and Privacy, pages 16-28, Oakland, California, May 24-26, 1993
- (1993) Proceedings of the 1993 IEEE Symposium on Security and Privacy , pp. 16-28
- Ilgun, K.¹

10
- 84940110274
- Detecting computer and network misuse through the production-based expert system toolset (P-BEST)
- Oakland, California, May 9-12
- U. Lindqvist and P. A. Porras. Detecting computer and network misuse through the production-based expert system toolset (P-BEST). In Proceedings of the 1999 IEEE Symposium on Security and Privacy, pages 146-161, Oakland, California, May 9-12, 1999
- (1999) Proceedings of the 1999 IEEE Symposium on Security and Privacy , pp. 146-161
- Lindqvist, U.¹ Porras, P.A.²

11
- 84944222170
- Analysis and results of the 1999 DARPA off-line intrusion detection evaluation
- H. Debar, L. Me, and S. F. Wu, editors Toulouse, France, Oct. 2-4, . Springer-Verlag
- R. Lippmann, J.W. Haines, D. J. Fried, J. Korba, and K. Das. Analysis and results of the 1999 DARPA off-line intrusion detection evaluation. In H. Debar, L. Me, and S. F. Wu, editors, Recent Advances in Intrusion Detection (RAID 2000), volume 1907 of LNCS, pages 162-182, Toulouse, France, Oct. 2-4, 2000. Springer-Verlag
- (2000) Recent Advances in Intrusion Detection (RAID 2000), Volume 1907 of LNCS , pp. 162-182
- Lippmann, R.¹ Haines, J.W.² Fried, D.J.³ Korba, J.⁴ Das, K.⁵

12
- 0004000392
- PhD thesis, Institut d'Informatique, University of Namur, Belgium, Sept
- A. Mounji. Languages and Tools for Rule-Based Distributed Intrusion Detection. PhD thesis, Institut d'Informatique, University of Namur, Belgium, Sept. 1997
- (1997) Languages and Tools for Rule-Based Distributed Intrusion Detection
- Mounji, A.¹

13
- 85095970245
- Experience with EMERALD to date
- Santa Clara, California, Apr. 9-12,. The USENIX Association
- P. G. Neumann and P. A. Porras. Experience with EMERALD to date. In Proceedings of the 1st Workshop on Intrusion Detection and Network Monitoring, Santa Clara, California, Apr. 9-12, 1999. The USENIX Association
- (1999) Proceedings of the 1st Workshop on Intrusion Detection and Network Monitoring
- Neumann, P.G.¹ Porras, P.A.²

14
- 0006100649
- Smashing the stack for fun and profit
- Nov. 8
- A. One. Smashing the stack for fun and profit. Phrack Magazine, 7(49), Nov. 8, 1996. http://www.fc.net/phrack/files/ p49/p49-14
- (1996) Phrack Magazine , vol.7 , Issue.49
- One, A.¹

15
- 0023207670
- The design of an effective auditing subsystem
- Oakland, California, Apr. 27-29
- J. Picciotto. The design of an effective auditing subsystem. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, pages 13-22, Oakland, California, Apr. 27-29, 1987
- (1987) Proceedings of the 1987 IEEE Symposium on Security and Privacy , pp. 13-22
- Picciotto, J.¹

16
- 84873309550
- Penetration state transition analysis: A rule-based intrusion detection approach
- San Antonio, Texas, Nov. 30-Dec. 4
- P. A. Porras and R. A. Kemmerer. Penetration state transition analysis: A rule-based intrusion detection approach. In Proceedings of the Eighth Annual Computer Security Applications Conference, pages 220-229, San Antonio, Texas, Nov. 30-Dec. 4, 1992
- (1992) Proceedings of the Eighth Annual Computer Security Applications Conference , pp. 220-229
- Porras, P.A.¹ Kemmerer, R.A.²

17
- 0002629036
- EMERALD: Event monitoring enabling responses to anomalous live disturbances
- Baltimore, Maryland, Oct. 7-10, . National Institute of Standards and Technology/ National Computer Security Center
- P. A. Porras and P. G. Neumann. EMERALD: Event monitoring enabling responses to anomalous live disturbances. In Proceedings of the 20th National Information Systems Security Conference, pages 353-365, Baltimore, Maryland, Oct. 7-10, 1997. National Institute of Standards and Technology/ National Computer Security Center
- (1997) Proceedings of the 20th National Information Systems Security Conference , pp. 353-365
- Porras, P.A.¹ Neumann, P.G.²

18
- 0028711786
- Audit reduction and misuse detection in heterogeneous environments: Framework and application
- Orlando, Florida, Dec. 5-9
- P. Proctor. Audit reduction and misuse detection in heterogeneous environments: Framework and application. In Proceedings of the Tenth Annual Computer Security Applications Conference, pages 117-125, Orlando, Florida, Dec. 5-9, 1994
- (1994) Proceedings of the Tenth Annual Computer Security Applications Conference , pp. 117-125
- Proctor, P.¹

19
- 0004145058
- Technical report, Secure Networks, Inc., Calgary, Alberta, Canada, Jan
- T. H. Ptacek and T. N. Newsham. Insertion, evasion, and denial of service: Eluding network intrusion detection. Technical report, Secure Networks, Inc., Calgary, Alberta, Canada, Jan. 1998. http://www.clark.net/roesch/idspaper.html
- (1998) Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection
- Ptacek, T.H.¹ Newsham, T.N.²

20
- 2942645420
- Expert systems in intrusion detection: A case study
- Baltimore, Maryland, Oct. 17-20,. National Institute of Standards and Technology/ National Computer Security Center
- M. M. Sebring, E. Shellhouse, M. E. Hanna, and R. A. Whitehurst. Expert systems in intrusion detection: A case study. In Proceedings of the 11th National Computer Security Conference, pages 74-81, Baltimore, Maryland, Oct. 17-20, 1988. National Institute of Standards and Technology/ National Computer Security Center
- (1988) Proceedings of the 11th National Computer Security Conference , pp. 74-81
- Sebring, M.M.¹ Shellhouse, E.² Hanna, M.E.³ Whitehurst, R.A.⁴

21
- 84949279540
- Sun microsystems, inc., 901 san antonio road, palo alto, ca 94303, USA
- Solaris 7, Oct
- Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, CA 94303, USA. SunSHIELD Basic Security Module Guide, Solaris 7, Oct. 1998. Part No. 805-2635-10
- (1998) SunSHIELD Basic Security Module Guide

22
- 84962290765
- US department of defense
- Dec. DoD 5200.28-STD
- U.S. Department of Defense. Trusted Computer System Evaluation Criteria, Dec. 1985. DoD 5200.28-STD
- (1985) Trusted Computer System Evaluation Criteria

23
- 84944220475
- Adaptive, model-based monitoring for cyber attack detection
- H. Debar, L. Me, and S. F. Wu, editors, Toulouse, France, Oct. 2-4, . Springer-Verlag
- A. Valdes and K. Skinner. Adaptive, model-based monitoring for cyber attack detection. In H. Debar, L. Me, and S. F. Wu, editors, Recent Advances in Intrusion Detection (RAID 2000), volume 1907 of LNCS, pages 80-92, Toulouse, France, Oct. 2-4, 2000. Springer-Verlag
- (2000) Recent Advances in Intrusion Detection (RAID 2000), Volume 1907 of LNCS , pp. 80-92
- Valdes, A.¹ Skinner, K.²

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.