Distributed Tracing Of Intruders
Download Distributed Tracing Of Intruders PDF/ePub or read online books in Mobi eBooks. Click Download or Read Online button to get Distributed Tracing Of Intruders book now. This website allows unlimited access to, at the time of writing, more than 1.5 million titles, including hundreds of thousands of titles in various foreign languages.
Distributed Tracing of Intruders
Unwelcome intrusions into computer systems are being perpetrated by strangers, and the number of such incidents is rising steadily. One of the things that facilitates this malfeasance is that computer networks provide the ability for a user to log into multiple computer systems in sequence, changing identity with each step. This makes it very difficult to trace actions on a network of computers all the way back to their actual origins. We refer to this as the tracing problem. This thesis attempts to address this problem by the development of a technology called thumbprinting. Thumbprinting involves forming a signature of the data in a network connection. This signature is a small quantity which does not allow complete reconstruction of the data, but does allow comparison with signatures of other connections to determine with reasonable confidence whether the data were the same or not. This is a potential basis for a tracing system. The specific technology developed to perform this task is local thumbprinting. This involves forming linear combinations of the frequencies with which different characters occur in the network data sampled. The optimal linear combinations are chosen using a statistical methodology called principal component analysis. The difficulties which this process must overcome are outlined, and an algorithm for comparing the thumbprints which adaptively handles these difficulties is presented. A number of experiments with a trial implementation of this method are described. The method is shown to work successfully when given at least a minute and a half of reasonably active network connection. This requires presently about 20 bytes per minute per connection of storage for the thumbprints. In addition, the existing (very limited) literature on the tracing problem is reviewed.
Information Security
As distinct from other security and cryptography conferences, the Information Security Conference (ISC) 2002 brought together individuals involved in a wide variety of different disciplines of information security to foster the exchange of ideas. The conference is an outgrowth of the Information Security Workshop, first held in Ishikawa, Japan 1997. ISC 2002 was held in Sao Paulo, Brazil, on September 30– October 2, 2002. The Program Committee considered 81 submissions of which 38 papers were accepted for presentation. These proceedings contain revised versions of the accepted papers. The papers provide a representative sample of both the variety and the truly international scope of information security research conducted currently. The topics addressed range from e-commerce protocols to access control and trust management, and to cryptography and cryptographic algorithms. Many people deserve our gratitude for their contribution to the success of the conference. We would like to thank the General Chair, Routo Terada, for overseeing the local arrangements, including registration and maintaining the conference website, and for the smooth running of the conference. We are grateful to Robbie Ye for his expert help in processing the electronic submissions, reviews and acceptance notifications. Robbie’s enthusiasm and energy greatly simplified the Program Committee’s task of conducting the on-line evaluation of the submitted papers under tight time constraints.
Intrusion Detection in Distributed Systems
Author: Peng Ning
language: en
Publisher: Springer Science & Business Media
Release Date: 2012-12-06
Intrusion Detection In Distributed Systems: An Abstraction-Based Approach presents research contributions in three areas with respect to intrusion detection in distributed systems. The first contribution is an abstraction-based approach to addressing heterogeneity and autonomy of distributed environments. The second contribution is a formal framework for modeling requests among cooperative IDSs and its application to Common Intrusion Detection Framework (CIDF). The third contribution is a novel approach to coordinating different IDSs for distributed event correlation.