文件名称:protocol-anomaly-detection-network-based-intrusio
介绍说明--下载内容均来自于网络,请自行研究使用
A taxonomy was developed by Axelsson to define the space of intrusion detection technology and classify IDSs.
The taxonomy categorizes IDSs by their detection principle and their operational aspects. The two main
categories of detection principles are signature detection and anomaly detection. The remainder of this paper
will compare the two categories of detection principles and describe a new type of anomaly detection based on
protocol standards. While the taxonomy applies to both host-based and network-based IDSs,
and more particularly protocol anomaly filters.
This is the result of research work done at Defcom Sweden, Stockholm.
The taxonomy categorizes IDSs by their detection principle and their operational aspects. The two main
categories of detection principles are signature detection and anomaly detection. The remainder of this paper
will compare the two categories of detection principles and describe a new type of anomaly detection based on
protocol standards. While the taxonomy applies to both host-based and network-based IDSs,
and more particularly protocol anomaly filters.
This is the result of research work done at Defcom Sweden, Stockholm.
(系统自动生成,下载前可以参看下载内容)
下载文件列表
protocol-anomaly-detection-network-based-intrusion-detection_349.pdf