Accession Number : ADA335058

Title :   Direction for Intrusion Detection and Response: A Survey

Descriptive Note : General document

Corporate Author : DEFENCE SCIENCE AND TECHNOLOGY ORGANISATION CANBERRA (AUSTRALIA)

Personal Author(s) : Englehardt, Dean

PDF Url : ADA335058

Report Date : OCT 1997

Pagination or Media Count : 29

Abstract : This document presents a review of recent research into the automated detection of attack on computers or networks of computers. It is now widely regarded that despite efforts to secure computer systems against intruders by operating system protection, an increasing number of such attempts are succeeding. Only through the careful monitoring of activity in a computation environment can such penetrations be detected and potentially repelled. We briefly describe some early attempts to provide such monitoring and then proceed to describe several research efforts that are currently underway to overcome the limitations of these classical systems. From an analysis of these new approaches we distill several core principles that are critical to the success of future detect and react systems.

Descriptors :   *DATA PROCESSING SECURITY, *SURVEYS, *INTRUSION DETECTION, COMPUTATIONS, AUTOMATION, ENVIRONMENTS, DETECTION, CORES, MONITORING, NETWORKS, COMPUTERS, SECURITY, PROTECTION, AUSTRALIA, ELECTRONIC SECURITY, SECURE COMMUNICATIONS.

Subject Categories : Computer Systems Management and Standards
      Miscellaneous Detection and Detectors

Distribution Statement : APPROVED FOR PUBLIC RELEASE