|
Abstract - Technical Program - ID 99
Experience with EMERALD to Date
Peter G. Neumann and Phillip A. Porras, SRI International
Abstract
After summarizing the EMERALD architecture and the evolutionary process from
which EMERALD has evolved, this paper focuses on our experience to date in
designing, implementing, and applying EMERALD to various types of anomalies
and misuse. The discussion addresses the fundamental importance of good
software engineering practice and the importance of the system architecture
- in attaining detectability, interoperability, general applicability, and
future evolvability. It also considers the importance of correlation among
distributed and hierarchical instances of EMERALD, and needs for additional
detection and analysis components.
- View the full text of this paper in
HTML form and
PDF form.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
- To become a USENIX Member, please see our Membership Information.
|
Need help? Use our Contacts page.
Technical Program