Sciweavers

ACSAC
2008
IEEE

Systematic Signature Engineering by Re-use of Snort Signatures

Most intrusion detection systems apply the misuse detection approach. Misuse detection compares recorded audit data with predefined patterns denoted as signatures. A signature is usually empirically engineered based on experience and expert knowledge. This induces relatively long development times for novel signatures causing inappropriate long vulnerability windows. Methods for a systematic engineering have been scarcely reported so far. Approaches for an automated re-use of design and modeling decisions of available signatures also do not exist. In this paper we present an approach for systematic engineering of signatures which is based on the re-use of existing signatures.

1 Motivation

The growing dependencies of social processes on IT infrastructures as well as their increasing complexity imply a large potential of threats. Intrusion detection systems (IDS) are a fundamental reactive measure to counter threats that could not be prevented. They provide means to automatically detect...
Sebastian Schmerl, Hartmut König, Ulrich Fleg
Added 28 May 2010
Updated 28 May 2010
Type Conference
Year 2008
Where ACSAC
Authors Sebastian Schmerl, Hartmut König, Ulrich Flegel, Michael Meier, René Rietz