|
Abstract - Technical Program - ID 99
Transaction-based Anomaly Detection
Roland Büschkes and Mark Borning, Aachen University of
Technology; Dogan Kesdogan, o.tel.o communications GmbH &
Co.
Abstract
The increasing complexity of both tele and data communication networks yields
new demands concerning network security. Especially the task of detecting, repulsing and
preventing abuse by in- and outsiders is becoming more and more difficult. This paper
deals with a new technique that appears to be suitable for solving these issues, i.e.
anomaly detection based on the specification of transactions. The traditional transaction
and serialization concepts are discussed, and a new model of anomaly detection, based on
the concept of transactions, is introduced. Applying this model to known attacks gives a
first insight concerning the feasibility of our approach.
- View the full text of this paper in
HTML
form and
PDF form.
- If you need the latest Adobe Acrobat Reader, you can download it
from Adobe's
site.
- To become a USENIX Member, please see our Membership Information.
|
Need help? Use our Contacts page.
Technical Program