In the beginning I was a bit misled by the title of this book, but I guess that was my mistake: The book is not about visualizing intrusion detection system logs, but it is about how to do intrusion detection on mainly Web server logs. The book is based on some older papers of the author. However,
Understanding Intrusion Detection Through Visualization
Scribed by Dr. Stefan Axelsson, Prof. David Sands (auth.)
- Publisher
- Springer US
- Year
- 2006
- Tongue
- English
- Leaves
- 156
- Series
- Advances in Information Security 24
- Edition
- 1
- Category
- Library
✦ Synopsis
With the ever increasing use of computers for critical systems, computer security that protects data and computer systems from intentional, malicious intervention, continues to attract significant attention. Among the methods for defense, the application of a tool to help the operator identify ongoing or already perpetrated attacks (intrusion detection), has been the subject of considerable research in the past ten years. A key problem with current intrusion detection systems is the high number of false alarms they produce.
Understanding Intrusion Detection through Visualization presents research on why false alarms are, and will remain a problem; then applies results from the field of information visualization to the problem of intrusion detection. This approach promises to enable the operator to identify false (and true) alarms, while aiding the operator to identify other operational characteristics of intrusion detection systems. This volume presents four different visualization approaches, mainly applied to data from web server access logs.
Understanding Intrusion Detection through Visualization is structured for security professionals, researchers and practitioners. This book is also suitable for graduate students in computer science.
✦ Table of Contents
Introduction (pp. 1-14)
An Introduction to Intrusion Detection (pp. 15-29)
The Base-Rate Fallacy and the Difficulty of Intrusion Detection (pp. 31-47)
Visualizing Intrusions: Watching the Webserver (pp. 49-67)
Combining a Bayesian Classifier with Visualization: Understanding the IDS (pp. 69-87)
Visualizing the Inner Workings of a Self Learning Classifier: Improving the Usability of Intrusion Detection Systems (pp. 89-109)
Visualization for Intrusion Detection - Hooking the Worm (pp. 111-127)
Epilogue (pp. 129-132)
✦ Subjects
Data Encryption; Computer Imaging, Vision, Pattern Recognition and Graphics; Pattern Recognition; Data Structures, Cryptology and Information Theory; Computer Communication Networks
SIMILAR VOLUMES
With the ever increasing use of computers for critical systems, computer security that protects data and computer systems from intentional, malicious intervention, continues to attract significant attention. Among the methods for defense, the application of a tool to help the operator identify
The foundational guide for using deception against computer network adversaries. When an attacker breaks into your network, you have a home-field advantage. But how do you use it? Intrusion Detection Honeypots is the foundational guide to building, deploying, and monitoring ho
Overcome Your Fastest-Growing Security Problem: Internal, Client-Based Attacks. Today's most devastating security attacks are launched from within the company, by intruders who have compromised your users' Web browsers, e-mail and chat clients, and other Internet-connected software.