INTRUSION DETECTION FOR DISTRIBUTED APPLICATIONS.

Bibliographic details
Title: INTRUSION DETECTION FOR DISTRIBUTED APPLICATIONS.
Authors: Stillerman, Matthew1 matt@oracorp.com, Marceau, Carla1 carla@oracorp.com, Stillman, Maureen2 maureen@oracorp.com
Source: Communications of the ACM. Jul99, Vol. 42 Issue 7, p62-69. 8p.
Subject terms: *INFORMATION warfare, *CYBERTERRORISM, *COMPUTER security, *COMPUTER hackers, *INTERNET, *COMPUTER networks, ELECTRONIC alarm systems, COUNTERTERRORISM
Abstract: This article discusses intrusion detection systems (IDS), which can help keep a computer network safe from hackers. The article emphasizes that the first step in defending against an information warfare attack is discovering that the attack has occurred or is in progress. An IDS might alert a human operator to a suspected intruder or might take some immediate action, such as disconnecting part of a network, to prevent damage. There are two styles of intrusion detection: pattern-based and anomaly-based. Pattern-based systems are explicitly programmed to detect certain known kinds of attack. Commercially available virus detection programs are a familiar and successful example of pattern-based intrusion detection. There are also several commercial intrusion detection systems for networks that recognize well-known intrusions. While pattern-based systems tend to have a low rate of false alarms, they do have limitations. They cannot detect novel attacks, their complexity grows with the number of well-known attacks, and they are difficult to keep updated as the catalog of attacks grows.
Database: Business Source Index
Description
ISSN: 00010782
DOI:10.1145/306549.306577