Local attack detection and intrusion route tracing

Midori Asakat*, Masahiko Tsuchiyat, Takcfumi Onabuta, Shunji Okazawatt, Shigeki Goto

*この研究の対応する著者

研究成果: Article査読

7 被引用数 (Scopus)

抄録

At the Information-technology Promotion Agency (IPA), we have been developing a network intrusion detection system called IDA (Intrusion Detection Agent system). IDA system has two distinctive features that most conventional intrusion detection systems lack. First, it has a mechanism for tracing the origin of a break-in by means of mobile agents. Second, it has a new and efficient method of detecting intrusions: rather than continuously monitoring the user's activities, it watches for an event that meets the criteria of an MLSI (Mark Left by Suspected Intruders) and may relate to an intrusion. By this method, IDA described herein can reduce the processing overhead of systems and networks. At present, IDA can detect local attacks that are initiated against a machine to which the attacker already has access and he or she attempts to exceed his or her authority. This paper mainly describes how IDA detects local attacks and traces intrusions.

本文言語English
ページ(範囲)1826-1833
ページ数8
ジャーナルIEICE Transactions on Communications
E82-B
11
出版ステータスPublished - 1999
外部発表はい

ASJC Scopus subject areas

  • 電子工学および電気工学
  • コンピュータ ネットワークおよび通信

フィンガープリント

「Local attack detection and intrusion route tracing」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル