Hoagland et al., 2001 - Google Patents
Viewing ids alerts: Lessons from snortsnarfHoagland et al., 2001
- Document ID
- 10053296467570776586
- Author
- Hoagland J
- Staniford S
- Publication year
- Publication venue
- Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01
External Links
Snippet
We consider the design of the user interface to an intrusion detection system console. We first analyze the requirements for this problem; our analysis is novel because we consider the possibility that an attacker can deliberately create spurious packets or audit records …
- 238000001514 detection method 0 abstract description 22
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
- G06F17/30873—Retrieval from the Internet, e.g. browsers by navigation, e.g. using categorized browsing, portals, synchronized browsing, visual networks of documents, virtual worlds or tours
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30861—Retrieval from the Internet, e.g. browsers
- G06F17/30864—Retrieval from the Internet, e.g. browsers by querying, e.g. search engines or meta-search engines, crawling techniques, push systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99931—Database or file accessing
- Y10S707/99933—Query processing, i.e. searching
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10—TECHNICAL SUBJECTS COVERED BY FORMER USPC
- Y10S—TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y10S707/00—Data processing: database and file management or data structures
- Y10S707/99941—Database schema or data structure
- Y10S707/99943—Generating database or data structure, e.g. via user interface
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance or administration or management of packet switching networks
- H04L41/22—Arrangements for maintenance or administration or management of packet switching networks using GUI [Graphical User Interface]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/26—Monitoring arrangements; Testing arrangements
- H04L12/2602—Monitoring arrangements
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107196910B (en) | Threat early warning monitoring system, method and deployment framework based on big data analysis | |
| US6704874B1 (en) | Network-based alert management | |
| US9825973B2 (en) | Website security | |
| US7921459B2 (en) | System and method for managing security events on a network | |
| CN101622621B (en) | System and method of blocking malicios web content | |
| US7552109B2 (en) | System, method, and service for collaborative focused crawling of documents on a network | |
| US9027121B2 (en) | Method and system for creating a record for one or more computer security incidents | |
| RU2417417C2 (en) | Real-time identification of resource model and resource categorisation for assistance in protecting computer network | |
| US8073833B2 (en) | Method and system for gathering information resident on global computer networks | |
| Kemmerer | NSTAT: a model-based real-time network intrusion detection system | |
| US20100162350A1 (en) | Security system of managing irc and http botnets, and method therefor | |
| US20020116512A1 (en) | Method of surveilling internet communication | |
| WO2017147411A1 (en) | Cybersecurity system | |
| DE10126752A1 (en) | Virus checking and warning for search results from computer database involves accessing virus status information for result files, displaying results on basis of virus status information | |
| CN107087001A (en) | A Distributed Internet Important Address Space Retrieval System | |
| CN1252601C (en) | Sharing system of integrated souce positioning symbolic information | |
| GB2377783A (en) | Controlling access by software agents to a distributed processing system | |
| KR20010079562A (en) | Information security analysis system | |
| Hoagland et al. | Viewing ids alerts: Lessons from snortsnarf | |
| CN115333971A (en) | IPv6 support degree monitoring method and related equipment | |
| US20120130980A1 (en) | System and method for searching network-accessible sites for leaked source code | |
| CN114500122B (en) | Specific network behavior analysis method and system based on multi-source data fusion | |
| Humphries et al. | Corgi: Combination, organization and reconstruction through graphical interactions | |
| Gnatyuk et al. | Software System for Cybersecurity Events Correlation and Incident Management in Critical Infrastructure | |
| Alghfeli et al. | Bayyinah, A Log Analysis Forensics Tool |