| 000 | 01206camuu22003494a 4500 | |
| 001 | 000045315898 | |
| 005 | 20061220094307 | |
| 008 | 050912s2006 nyua b 001 0 eng c | |
| 010 | ▼a 2005933712 | |
| 015 | ▼a GBA588099 ▼2 bnb | |
| 020 | ▼a 9780387276342 (hbk.) | |
| 020 | ▼a 0387276343 (hbk.) | |
| 020 | ▼a 9780387276366 (e-book) | |
| 020 | ▼a 038727636X (e-book) | |
| 035 | ▼a (KERIS)REF000012645794 | |
| 040 | ▼a COO ▼c COO ▼d UKM ▼d BGU ▼d OHX ▼d BAKER ▼d IXA ▼d DLC ▼d 211009 | |
| 042 | ▼a pcc | |
| 050 | 0 0 | ▼a TK5105.59 ▼b .A95 2006 |
| 082 | 0 4 | ▼a 005.8 ▼2 22 |
| 090 | ▼a 005.8 ▼b A969u | |
| 100 | 1 | ▼a Axelsson, Stefan , ▼d 1968-. |
| 245 | 1 0 | ▼a Understanding intrusion detection through visualization / ▼c by Stefan Axelsson, David Sands. |
| 260 | ▼a New York : ▼b Springer , ▼c c2006. | |
| 300 | ▼a xx, 145 p. : ▼b ill. ; ▼c 25 cm. | |
| 440 | 0 | ▼a Advances in information security ; ▼v v. 24 |
| 504 | ▼a Includes bibliographical references (p. [133]-140) and index. | |
| 650 | 0 | ▼a Computer networks ▼x Security measures. |
| 650 | 0 | ▼a Information visualization. |
| 650 | 0 | ▼a Computer security. |
| 700 | 1 | ▼a Sands, David ▼d 1965- |
| 945 | ▼a KINS |
소장정보
| No. | 소장처 | 청구기호 | 등록번호 | 도서상태 | 반납예정일 | 예약 | 서비스 |
|---|---|---|---|---|---|---|---|
| No. 1 | 소장처 과학도서관/Sci-Info(2층서고)/ | 청구기호 005.8 A969u | 등록번호 121136204 (7회 대출) | 도서상태 대출가능 | 반납예정일 | 예약 | 서비스 |
컨텐츠정보
책소개
Computer security - the protection of data and computer systems from intentional, malicious intervention - is attracting increasing attention. Much work has gone into development of tools to detect ongoing or already perpetrated attacks, but a key shortfall in current intrusion detection systems is the high number of false alarms they produce. This book analyzes the false alarm problem, then applies results from the field of information visualization to the problem of intrusion detection. Four different visualization approaches are presented, mainly applied to data from web server access logs.
This monograph is the outgrowth of Stefan Axelson's PhD Dissertation at Chalmers University in Goteborg, Sweden. The dissertation, in turn collects a number of research efforts performed over a period of six years or so into a coherent whole. It was my honor to serve as the "opponent" at Dr. Axelsson's examination. In the Swedish system, it is the job of the opponent to place the candidate's work into a broader perspective, demonstrating its significance and contributions to the field and then to introduce the work to the attendees at the examination. This done, the candidate presents the technical details of the work and the opponent critiques the work giving the candidate the opportunity to defend it^. This forward is adapted from the introduction that I gave at the examination and should serve to acquaint the reader, not only with the work at hand, but also with the field to which it applies. The title of the work, "Under standing Intrusion Detection Through Visualization," is particularly telling. As is the case with any good piece of research, we hope to gain an understanding of a problem, not just a recipe or simple solution of immediate, but limited utility. For much of its formative period, computer security concentrated on devel oping systems that, in effect, embodied a fortress model of protection.
New feature
With the ever increasing use of computers for critical systems, computer security that protects data and computer systems from intentional, malicious intervention, continues to attract significant attention. Among the methods for defense, the application of a tool to help the operator identify ongoing or already perpetrated attacks (intrusion detection), has been the subject of considerable research in the past ten years. A key problem with current intrusion detection systems is the high number of false alarms they produce.
Understanding Intrusion Detection through Visualization presents research on why false alarms are, and will remain a problem; then applies results from the field of information visualization to the problem of intrusion detection. This approach promises to enable the operator to identify false (and true) alarms, while aiding the operator to identify other operational characteristics of intrusion detection systems. This volume presents four different visualization approaches, mainly applied to data from web server access logs.
Understanding Intrusion Detection through Visualization is structured for security professionals, researchers and practitioners. This book is also suitable for graduate students in computer science.
정보제공 :
목차
An Introduction to Intrusion Detection.- The Base-Rate Fallacy and the Difficulty of Intrusion Detection.- Visualizing Intrusions: Watching the Webserver.- Combining a Bayesian Classifier with Visualization: Understanding the IDS.- Visualizing the Inner Workings of a Self Learning Classifier: Improving the Usability of Intrusion Detection Systems.- Visualization for Intrusion Detection-Hooking the Worm.- Epilogue.
정보제공 :