
Index

2D-PCA 222

A
abrupt change detection 96
Adaptive Resonance Theory (ART) 48, 143, 223, 239
Ad-Hoc Network 92
Anomaly-based Network Intrusion Detection System (A-NIDS) 94-95, 97, 102, 104, 109, 111, 117
anomaly detection 8, 13, 30, 40-41, 43-46, 49, 70-71, 75, 96-97, 102-103, 118-121, 140, 143, 153, 164-165, 187, 193-197, 207, 209, 211-216, 218-219, 238, 240
Anomaly Level Exposure 107, 121
Application Level Network (ALN) 78, 81, 93
application logging 3, 27
Artificial Intelligence (AI) 30, 96, 120, 171-172, 192, 218
Artificial Neural Network (ANN) 172-173, 223
Audit Data 2, 24, 29, 32, 36, 96, 192
Auto-Reclosing 40, 42, 49, 51, 54, 61, 68, 71, 75

B
Back Orifice software 49
Back Propagation (BP) 223
Bayes Decision Rule 46
Bayesian Belief Networks 48, 69
Bayesian methodology 172
behavioral aliasing 45
Blaster.worm 113
Botnets 122-144
Broadcast Algorithms 86-89
broadcast service 85-86
buffer overflow attacks 47, 197
Byzantine agreement protocol 47

C
Centralized intrusion detection system 43
Cisco Systems Net Ranger 43
Classification 2, 23, 25, 36-37, 45-46, 71-72, 103-104, 121-123, 125, 137, 140, 143, 148, 158, 173, 189, 193, 201, 207-208, 219-221, 225-226, 230, 234, 240
Client-Server Model 81, 93
clustering analysis 138, 212-213
collection strategy 15-17
collection structure 15
Command and Control (C&C) Server 138, 142, 144
Common Criteria 7, 27
Common Intrusion Detection Framework (CIDF) 34, 44
Competitive Learning Network (CLN) 179, 183-187
Computer Crime and Security Surveys 95, 118
computer monitoring 3, 8
Computer Security Institute (CSI) 95, 118
correlation matrix 174-175
COTS-products 3
CPU cycles 22
crossover error rate (CER) 58, 61, 65
Curse of Dimensionality 169, 171, 173, 194
CyberSafe Centrax 43

D
Danger Theory 47
data collection 1-9, 13-25, 28-29, 32, 34-37, 42
data collection infrastructure 15, 22
debug registers 14
Defense Advanced Projects Agency (DARPA) 35, 104, 119, 169, 171, 175-177, 179-180, 183-189, 197, 220, 229-231, 238, 240
demilitarized zone (DMZ) 101
denial of service (DoS) 41-42, 44-45, 49-51, 75-76, 117, 123, 129, 145-146, 148, 150, 153, 158, 164, 166, 180, 197
desktop modem 95
Detection Appliance 43
detection engine 5, 14, 44, 145
detection policy 5, 12
Detection Rate (DR) 3, 162-163, 170, 181-186, 189-190, 208, 214-215
dimensionality reduction 172-174, 176, 178-179, 181, 237-238
dimension reduction 169, 171, 174, 178, 181, 184, 186, 189-190, 223, 229
distance-based function 212
distributed denial of service attacks (DDoS) 41-42, 49, 51, 68, 75, 103, 123-124, 166
distributed hash tables (DHTs) 77, 80-82, 85, 92
Domain Name System (DNS) 123-124, 137, 140
dynamic applications 3
Dynamic patching 10-11

E
eigenvector 174-175, 224-225
embedded systems 25
end-to-end delay 54, 56, 58-61, 63-65
entropy 95-100, 102-105, 107-108, 115, 118-121, 192
Euclidean distance 225-226
evasion methods 45
Execution Time (ET) 2-3, 6, 8, 12-13, 15, 23-25, 41, 96, 98, 102, 104, 125, 146, 153, 159, 172-173, 175, 178-179, 181-186, 189-190, 193-196, 213, 222-223
exposure of anomaly 106
Exposure Threshold 96, 101, 105-109, 112, 115-118, 121

F
false negative rate (FNR) 58, 61, 64-65, 135, 137
False Positive (FP) 42, 45, 52, 58, 61, 64, 68, 122, 134-135, 181-186, 189-190, 193, 195, 201, 207-208, 210, 212, 214-216, 219
false positive rate (FPR) 58, 61, 64-65, 135, 137, 210, 212, 214-215
Feature Space 169, 171, 173, 175, 182, 188, 190, 222, 224-226
financial fraud 45
firewall 41, 50-51, 73, 79, 95, 101, 165
Fixed SST Subspaces (FS) 195, 197, 200
flooding attacks 146, 149-150, 165-166
fuzzy logic 96, 172, 191

G
general purpose registers 14
Genetic Algorithm (GA) 70, 172, 191, 217, 219, 223, 238
goal-oriented logging 8, 32
granularity of log trigger 9, 12, 37

H
Hash Function 93
helper library 17-18, 21
Hidden Markov Model (HMM) 70, 172-173
high speed networks 96
histogram 15, 212-215
Honeypot 45, 48, 69, 72, 125
host based intrusion detection system (HIDS) 43, 47-48, 101

I
impossible path execution (IPE) 47-48
Improved Competitive Learning Network (ICLN) 179, 183, 185
Incident Response Support System (IRSS) 46, 69
Independent Component Analysis (ICA) 191, 222, 239
Information Security Management System (ISMS) 47
information value 169, 175-176, 180, 187
insider attack 31, 95
Institute of Standards and Technology 29, 146, 191
internet banking security 45
Internet Engineering Task Force (IETF) 79, 91, 146, 165
Internet Security Systems Real Secure 43
interpreter insertion 10-11
Inter-Quartile Range (IQR) 103
intrusion detection and intrusion prevention (ID/IP) 1-5, 8, 13, 15-16, 20, 23-25, 29-31, 33-36, 40-41, 43-50, 61, 68-85, 89-92, 94, 96-97, 101-102, 105-106, 108-109, 114-115, 117-120, 124-126, 129-131, 134, 136-137, 140, 144-146, 150-153, 156, 158-159, 164-167, 169-173, 180, 190-192, 212, 217-218, 220-223, 229, 231, 237-241
Intrusion Detection and Response System (IDRS) 170
Intrusion Detection Message Exchange Format (IDMEF) 79
Intrusion Detection Systems (IDS) 2-5, 7, 12, 15, 17, 19-20, 22-24, 29, 33-36, 40-46, 48-58, 61, 63-68, 75, 78, 81, 92, 101, 104, 118-119, 156, 158, 164, 166, 170-171, 173, 223, 229, 235, 238, 240
Intrusion Detection Working Group (IDWG) 79, 91
Intrusion Prevention Systems (IPS) 40-42, 44-48, 69, 71
in-vehicle network 25
inverse document frequency (idf) 203
IP Multimedia Subsystem (IMS) 49, 73, 164
Ipsweep 113, 115

J
JXTA framework 81

K
Kademlia network 81, 83-85
Kadsim 83-84
K-Bucket 82, 93
KDD-CUP 99 196-197, 207, 209, 211, 214
Kernel density function 212-213
keystroke monitoring 41
Key-Value Pair 93
K-Nearest Neighbor (KNN) 220-221, 223-226, 230-233, 236, 238, 241
Komondor test network 89

L
learning by example paradigms 96
limited scalability 42, 67
Local Area Network (LAN) 44-45, 55, 73, 94-97, 103, 111, 118, 120, 137, 155, 170
location relative environment 15, 17
location relative monitored asset 15, 20
log control 6, 9, 13-15
log record 4, 7, 36
log trigger 5-6, 9-10, 12-13, 18, 21, 37
long-time traffic slot (LTTS) 109-110, 112-113, 121

M
malign traffic 95, 110
malware 35, 92, 125, 128-130, 132, 137, 139, 141-143
Mass Spectral Imaging (MSI) 222
McAfee Entercept 46
Method of Remaining Elements (MRE) 94, 96, 104-109, 111, 114-117, 120
mission-critical applications 95
misuse detection 2, 32, 153
MIT-DARPA dataset 95, 97, 118
mobile ad hoc network (MANET) 44, 71
mobile nodes 45
mobile telecommunications 46
modify compiler 9-10
modify linker 9-10
Modular Weighted PCA (MWPCA) 222
monitoring policy 10
multicast tree 86, 88
Multi Layer Perceptron (MLP) 221, 223
multi-resolution techniques 40

N
Neptune 113, 115
network based intrusion detection system (NIDS) 43-45, 77-78, 94-95, 101-102, 112, 117, 129-130, 159
Network Flight Recorder Intrusion 43
Network Ice Black Ice Defender 43
network probes 96
Network Security 41, 43-44, 68, 70, 73, 78, 119-120, 140, 164, 166, 169-170, 191, 194, 221, 237
Network Security Wizard Dragon IDS 43
neural networks 41, 44-45, 70-71, 96, 144, 172, 191-192, 223, 237, 240
Next Generation Networks (NGN) 145, 166
Nmap 113, 115, 129
Node IDentifier (NodeID) 80-81, 83, 87
Number of Dimensions (ND) 28, 30, 32-35, 71-72, 140-141, 164, 169, 171, 176, 179, 181-186, 189-190, 192, 214, 237, 239

O
Open Software 48
Open Source Security Information Management (OSSIM) 47
operating systems (OSs) 3, 14, 17-19, 21-23, 26-27, 31-33, 35, 47, 81, 128-129, 201, 203, 208, 211
Optimized Network Engineering Tools (OPNET) 52, 67
OS interface 17-18, 21
OS kernel 17-19, 21-22
Outlying Subspace Front (OSF) 200-202, 205-206, 208, 211
output device 4, 6
Overlay Network 77-78, 81, 91, 93

P
packet losses 83, 86-87
partial keyword searches 85
Peer-to-Peer (P2P) Networks 77-78, 80-81, 85, 91, 93, 123, 125, 139, 142, 144
performance counters 14, 19
perl 112
Ping of Death 50, 113, 116
PortScan 104, 111, 113, 115
Portsweep 113, 115
predictive pattern generation 41
Preventive Information Security Management (PrISM) 47
Principal Component Analysis (PCA) 171, 173-175, 182, 220-224, 226, 228-241
privileged execution 19
probes 49, 79, 96, 104, 113
processing overhead 10
processing time 171, 173, 178, 182
PROMIS system 81
Proportional Uncertainty (PU) 94-95, 100-101, 105-106, 108, 110, 115, 121

Q
Quality of Service (QoS) 48, 143, 145

R
Radial Basis Function Neural Network (RBFNN) 223, 237
Receiver Operating Characteristic (ROC) 161, 214-215, 219
replication 83-84, 87-88, 91, 93
rewrite executable 9-10
rootkits 19
routing protocols 44
runtime compilation 10-11

S
SANS consensus project 3, 32
Sasser worm 113
secure architecture and fault-resilient engine (SAFE) 47
Security Information and Event Management Systems (SIEM) 3
security log 3, 29, 36
Security Operation Center (SOC) 151, 163
Self Organizing features Map (SOM) 173, 179, 183, 185-186, 191
sequence matching 41
Service Delivery Platform (SDP) 49
Session Initiation Protocol (SIP) 45, 48, 72, 145-147, 149-153, 155-167
Shannon's uncertainty measure 97
short-time traffic slot (STTS) 109-110, 112-115, 121
signal processing techniques 96
Signature Based Detection 43, 76
Signature-based NIDS (S-NIDS) 95, 102, 117
similarity metrics 46
Singular Value Decomposition (SVD) 173
SIP-based security architecture 151, 164
SIP security 153, 159-162, 164-165
SIP Security Engine Evaluation 159
SMTP server 82
Smurf 50, 113-115, 223, 239
snare 19, 29
Snort 43, 45, 47-48, 78, 92, 95, 102, 119, 129-130
Spamwatch 81
Sparse Subspace Template (SST) 195-198, 200
SQL Injection Attacks (SQLIAs) 46, 71
state of lockout 61
state transition analysis 41
Storage Area Networks (SAN) 26, 31-33, 46, 138, 141
storage mechanisms 14
Stream Projected Outlier detector (SPOT) 193, 195-201, 205, 207-210, 212, 214-216
Supervised SST Subspaces (SS) 195, 197-200
Support Vector Machine (SVM) 71, 173, 223
Symantec Net Prowler 43
SYN-flood attacks 41-42, 49-51, 68, 75-76

T
TCP/IP packets 20, 50, 61, 85, 111, 124-126, 128-129, 144, 180, 196
term frequency (tf) 202
ternary content addressable memory (TCAM) 47
Threat Modeling 8
traffic profiling 94, 96, 117
transaction user (TU) 144, 146, 167
Transport Control Protocol (TCP) 20, 50, 61, 85, 111, 124-126, 128-129, 144, 180, 196
Tripwire 43
Trojans 170

U
UDP packets 85
unitary cardinality 107-108, 110-111, 114-117
UNIX 10, 13, 20, 26-28, 30-31, 33, 129
unstable network 77-78
Unsupervised SST Subspaces (US) 68, 142, 146, 195, 197, 200
User Agent Clients (UACs) 155, 167
User Agent Servers (UASs) 155, 167

V
virtual machines 128, 130
Voice over IP (VoIP) 45, 48, 72, 145, 151, 164, 166-167

W
web connected applications 3
Weighted PCA (WPCA) 220
weights matrix 174-178
Welchia.worm 113
white data 175, 190
whiteness property 175
Wide Area Network (WAN) 45, 170
worms 44-45, 51, 80, 89, 97, 103, 111, 113, 120, 143, 170

X
XOR metric 82, 92