Lippmann et al., 2002 - Google Patents
The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection
- Document ID
- 6609740201989539136
- Author
- Lippmann R
- Webster S
- Stetson D
- Publication year
- Publication venue
- International Workshop on Recent Advances in Intrusion Detection
Snippet
Vulnerability scanning and installing software patches for known vulnerabilities greatly affects the utility of network-based intrusion detection systems that use signatures to detect system compromises. A detailed timeline analysis of important remote-to-local vulnerabilities …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2119—Authenticating web pages, e.g. with suspicious links
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Lippmann et al. | | The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection |
US10230761B1 (en) | | Method and system for detecting network compromise |
Bace et al. | | Intrusion detection systems |
Bace et al. | | NIST special publication on intrusion detection systems |
Binde et al. | | Assessing outbound traffic to uncover advanced persistent threat |
Gula | | Correlating ids alerts with vulnerability information |
US8260961B1 (en) | | Logical / physical address state lifecycle management |
US7370359B2 (en) | | Method and apparatus for verifying the integrity and security of computer networks and implementing counter measures |
US20110072516A1 (en) | | Prevention of distributed denial of service attacks |
Fraunholz et al. | | Defending web servers with feints, distraction and obfuscation |
Hiesgen et al. | | The Log4j incident: a comprehensive measurement study of a critical vulnerability |
Kazienko et al. | | Intrusion Detection Systems (IDS) Part I-(network intrusions; attack symptoms; IDS tasks; and IDS architecture) |
Jha et al. | | Building agents for rule-based intrusion detection system |
Gregg | | Certified ethical hacker (CEH) cert guide |
Blackwell | | Ramit-Rule-Based Alert Management Information Tool |
Moyer et al. | | A systematic methodology for firewall penetration testing |
Nilsson et al. | | Vulnerability scanners |
Hamisi et al. | | Intrussion detection by penetration test in an organization network |
Buchholz et al. | | Digging for worms, fishing for answers |
Bari | | Protecting an enterprise network through the deployment of honey pot |
Lukatsky et al. | | Protect your information with intrusion detection |
WO2006092785A2 (en) | | Method and apparatus for the dynamic defensive masquerading of computing resources |
Kaur et al. | | Intrusion detection system using honeypots and swarm intelligence |
Verwoerd | | Active network security |
Gurunathan | | H0NEY4LOG: A Comprehensive Tool for SSH Honeypot and Log4j Vulnerability Scanner |