Abstract
In this paper an approach to detection, assessment and prevention of further intrusions of distributed intrusions in a computer network is presented. Our approach uses audit data from multiple network nodes and services. To achieve accurate result, inherent security relations among different network nodes should be considered. In our approach, security dependency relation (SDR) is defined to describe these relations, and ripple effect analysis is used to detect, assess, and prevent intrusions based on SDRs. Agents are used to improve the scalability and efficiency of our approach.
| Original language | English (US) |
|---|---|
| Title of host publication | Proceedings - IEEE Computer Society's International Computer Software and Applications Conference |
| Publisher | IEEE |
| Pages | 86-91 |
| Number of pages | 6 |
| State | Published - 1999 |
| Event | Proceedings of the 1999 23rd Annual International Computer Software and Applications Conference (COMPSAC '99) - Phoenix, AZ, USA Duration: Oct 27 1999 → Oct 29 1999 |
Other
| Other | Proceedings of the 1999 23rd Annual International Computer Software and Applications Conference (COMPSAC '99) |
|---|---|
| City | Phoenix, AZ, USA |
| Period | 10/27/99 → 10/29/99 |
ASJC Scopus subject areas
- Software