NetSTAT: a network-based intrusion detection approach
- 27 November 2002
- proceedings article
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Network-based attacks have become common and so- phisticated. For this reason, intrusion detection systems are now shifting their focus from the hosts and their operating systems to the network itself. Network-based intrusion de- tection is challenging because network auditing produces large amounts of data, and different events related to a sin- gle intrusion may be visible in different places on the net- work. This paper presents NetSTAT, a new approach to net- work intrusion detection. By using a formal model of both the network and the attacks, NetSTAT is able to determine which network events have to be monitored and where they can be monitored.Keywords
This publication has 3 references indexed in Scilit:
- The SRI IDES statistical anomaly detectorPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Network intrusion detectionIEEE Network, 1994
- A network security monitorPublished by Institute of Electrical and Electronics Engineers (IEEE) ,1990