On TV.com: TOP 10 Shows CANCELED Too Soon
BNET Business Network:
BNET
TechRepublic
ZDNet

FREE Registration is required

Overview:

This study develops a method to build Finite State Automaton (FSA) that models the dependencies between the Operating-System (OS)-level events recorded in the audit logs of a Windows NT machine. The FSA model contains both sequential and branching relations among audit log events that help the system administrator follow the steps of the intruder. Audit-Log-FSA (ALFSA) are relatively proportional to the size of the audit log, hence, may have too many states and transitions. The Superset-Intrusion-Signature-FSA (SISFSA) is extracted using formal methods on ALFSA. The SISFSA accepts a super set of the intruder's steps since not all of its actions may result in system failure, yet it provides the system administrator with a smaller set of patterns compared to ALFSA.

(Is this item miscategorized? Does it need more tags? Let us know.)

Format:PDFSize:275 KB
Date:May 2008
Pages:9

Top results from Network Security

White Paper Open Source Security Myths Dispelled
White Paper How to Replicate the Fire: HA for Netfilter Based Firewalls
Presentation Astaro Security Gateway: Simplifying Email, Web and Network Protection
Webcast Live Webcast: Get Control over SaaS Application Access
White Paper The Essential Guide: Real-Time High Availability for Exchange - Replicate Exchange Data for Improved Resiliency

» View all Network Security listings

Top results from Intrusion Detection Systems

White Paper Open Source Security Myths Dispelled
White Paper Stopping insider attacks: how organizations can protect their sensitive information
Webcast Six Web Hacker Tricks & The Three Pillars of Web Protection
Webcast Webcast: Security Threats: A Look Ahead to 2009
White Paper Take a holistic approach to business-driven security.

» View all Intrusion Detection Systems listings

advertisement

White Papers, Webcasts, and Resources

Featured Training Courses

advertisement

Meet Doc

  • Here to help you with your Document Management Needs
  • Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
  • To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
  • Produced by
    ZDNet and

Returning users: Log In Here!

Already registered on BNET, TechRepublic, or ZDNet? Simply log in.

Free Membership: Sign Up Now!

Sign up for a free membership today and get instant and unlimited access to one of the largest databases of white papers, webcasts, and casestudies anywhere. Your FREE membership allows you to:

  • Download an unlimited amount of content, including classic and current white papers, case studies, webcasts and more
  • Track content on your chosen topics of interest
  • Receive targeted email alerts when your favorite content is added
  • Save content for future reading
  • Receive our member newsletter

When you register to access this library, you allow us to share your information with companies that produce products or services featured in the library--so that such companies may contact you with information and offers regarding their products and services. This enables us to keep the library a free service. As a library registrant, you will receive a complimentary subscription to the ZDNet white paper newsletter and e-mail Must-Read News Alerts. You can unsubscribe from these at any time. By clicking the Sign up button, you indicate that you agree to our Terms and Conditions and have read and understand our Privacy Policy (updated).