Publication | Closed Access
A network security monitor
384
Citations
15
References
1990
Year
Unknown Venue
Network Architecture (Supply Chain Management)EngineeringInformation SecurityNetwork AnalysisHardware SecuritySystems EngineeringNetwork Architecture (Ocean Engineering)Single Broadcast LanNetwork SecurityNetwork Security MonitorNetwork SafetySecurity DiagnosticsNetwork InfrastructureIntrusion Detection SystemIntrusion ToleranceNetworked Computer SystemsComputer ScienceNetwork ForensicsIntrusion DetectionSecurityLocal Area NetworkPossible Security ViolationsBusinessNetwork Monitoring
This study concentrates on the security-related issues in a single broadcast LAN (local area network) such as Ethernet. The authors formalize various possible network attacks. Their basic strategy is to develop profiles of usage of network resources and then compare current usage patterns with the historical profile to determine possible security violations. Thus, the work is similar to the host-based intrusion-detection systems. Different from such systems, however, is the use of a hierarchical model to refine the focus of the intrusion-detection mechanism. The authors also report on the development of an experimental LAN monitor currently under implementation. Several network attacks have been simulated, and results on how the monitor has been able to detect these attacks are analyzed. Initial results demonstrate that many network attacks are detectable with the authors' monitor, although it can be defeated.< <ETX xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">></ETX>
| Year | Citations | |
|---|---|---|
Page 1
Page 1