Name
Abstract | ||
|---|---|---|
It is commonly accepted that intrusion detection systems (IDS) are required to compensate for the insufficient security mechanisms that are available on computer systems and networks. However, the anomaly-based IDSes that have been proposed in the recent years present some drawbacks, e.g., the necessity to explicitly define a behaviour reference model. In this paper, we propose a new approach to anomaly detection, based on the design diversity, a technique from the dependability field that has been widely ignored in the intrusion detection area. The main advantage is that it provides an implicit, and complete reference model, instead of the explicit model usually required. For practical reasons, we actually use Components-off-the-shelf (COTS) diversity, and discuss on the impact of this choice. We present an architecture using COTS-diversity, and then apply it to web servers. We also provide experimental results that confirm the expected properties of the built IDS, and compare them with other IDSes. |
Year | DOI | Venue |
|---|---|---|
2005 | 10.1007/11663812_3 | RAID |
Keywords | Field | DocType |
computer system,design diversity,behaviour reference model,explicit model,web server,expected property,cots diversity,dependability field,complete reference model,intrusion detection area,anomaly-based idses,intrusion detection system,reference model,intrusion detection,practical reasoning,anomaly detection | Anomaly detection,Dependability,Architecture,Reference model,Computer security,Computer science,Server,Real-time computing,Design diversity,Intrusion detection system,Web server | Conference |
Volume | ISSN | ISBN |
3858 | 0302-9743 | 3-540-31778-3 |
Citations | PageRank | References |
27 | 1.35 | 16 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Eric Totel | 1 | 56 | 9.73 |
| Frédéric Majorczyk | 2 | 44 | 6.04 |
| Ludovic Mé | 3 | 499 | 55.36 |