|
000
| 02810nam 2200373zi 4500 |
|---|
| 001 | 9.892654 |
|---|
| 003 | CaOODSP |
|---|
| 005 | 20221107173230 |
|---|
| 006 | m o d f |
|---|
| 007 | cr mn||||||||| |
|---|
| 008 | 201021s2008 onca ob f000 0 eng d |
|---|
| 040 | |aCaOODSP|beng|erda|cCaOODSP |
|---|
| 041 | 0 |aeng|beng|bfre |
|---|
| 086 | 1 |aCo24-3/8-2008-2E-PDF |
|---|
| 100 | 1 |aMassicotte, Frederic, |eauthor. |
|---|
| 245 | 10|aAutomatic generation of intrusion detection verification rules : |breport on research progress to September 1, 2008 / |cFrederic Massicotte, Yvan Labiche and Lionel C. Briand. |
|---|
| 264 | 1|aOttawa : |bCommunication Research Centre Canada = Centre des recherches sur les communications Canada, |c2008. |
|---|
| 300 | |a1 online resource (iii, 14 pages) : |billustrations. |
|---|
| 336 | |atext|btxt|2rdacontent |
|---|
| 337 | |acomputer|bc|2rdamedia |
|---|
| 338 | |aonline resource|bcr|2rdacarrier |
|---|
| 490 | 1 |aCRC note ; |vVPNT2008/02 |
|---|
| 500 | |a"Ottawa, September 2008." |
|---|
| 500 | |aDigitized edition from print [produced by Innovation, Science and Economic Development Canada]. |
|---|
| 504 | |aIncludes bibliographical references (pages 13-14). |
|---|
| 520 | 3 |a"An Intrusion Detection System (IDS) is a crucial element of a network security posture. One class of IDS, called signature-based network IDSs, monitors network traffic, looking for evidence of malicious behavior as specified in attack descriptions (referred to as signatures). Many studies have reported that IDSs can generate thousands of alarms a day, many of which are false alarms. The problem often lies in the low accuracy of IDS signatures. It is therefore important to have more accurate signatures in order to reduce the number of false alarms. One part of the false alarm problem is the inability of IDSs to verify attacks (i.e. distinguish between successful and failed attacks). If IDSs were able to accurately verify attacks, this would reduce the number of false alarms a network administrator has to investigate. In this note, we demonstrate the feasibility of using a data mining algorithm to automatically generate IDS verification rules. We show that this automated approach is effective in reducing the number of false alarms when compared to other widely used and maintained IDSs"--Abstract, page ii. |
|---|
| 530 | |aIssued also in print format. |
|---|
| 546 | |aIncludes abstracts in English and French. |
|---|
| 650 | 0|aIntrusion detection systems (Computer security) |
|---|
| 650 | 6|aSystèmes de détection d'intrusion (Sécurité informatique) |
|---|
| 710 | 2 |aCommunications Research Centre (Canada), |eissuing body. |
|---|
| 830 | #0|aCRC technical note ;|vno. 2008/02.|w(CaOODSP)9.882494 |
|---|
| 856 | 40|qPDF|s1.54 MB|uhttps://publications.gc.ca/collections/collection_2020/isde-ised/Co24/Co24-3-8-2008-2-eng.pdf |
|---|