You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Formal Methods for Intrusion Detection of Windows NT Attacks

Tags:
network security

Overview This study develops a method to build Finite State Automaton (FSA) that models the dependencies between the Operating-System (OS)-level events recorded in the audit logs of a Windows NT machine. The FSA model contains both sequential and branching relations among audit log events that help the system administrator follow the steps of the intruder. Audit-Log-FSA (ALFSA) are relatively proportional to the size of the audit log, hence, may have too many states and transitions. The Superset-Intrusion-Signature-FSA (SISFSA) is extracted using formal methods on ALFSA. The SISFSA accepts a super set of the intruder's steps since not all of its actions may result in system failure, yet it provides the system administrator with a smaller set of patterns compared to ALFSA.

Further White Paper Details
Publisher	General Electric	File Format	PDF
Date Published	May 2008
Format	White Papers
Topics	Network Security, Security Management, Intrusion Detection Systems

Did you find this white paper useful?

Balancing Security Against Productivity

What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...

Publisher:
Novell

Security: New strides in preventing intrusions.

Need help eliminating risk in your IT environment? This ForwardView webshow describes how security appliances, which incorporate an array of security functions, can help you ward off security breaches without...

Publisher:
IBM

MessageLabs Intelligence : 2009 security Predictions

Having analyzed the global threat landscape for almost a decade, MessageLabs Team Skeptic™ is comprised of many world-renowned malware and spam experts who have a global view of threats across...

Publisher:
MessageLabs, now part of Symantec

IDC Vendor Spotlight

Organised ubiquity is a must for organisations to sucessfully "project" their users in any given landspace, at any given time, with secuirty policy. This White Paper covers issues surrounding secure...

Publisher:
BeCrypt

Trend Micro Enterprise Security white paper

This white paper reviews the content security threat landscape and how it has evolved into a more dangerous and high risk environment. The paper discussed how conventional content security approaches...

Publisher:
Trend Micro

The Bloor Perspective: a year in review

Clearly the Windows NT versus Linux debate will run on and on - particularly with the launch of Windows 2000, which will see a significant number of additional features to the operating system (not least its ability to be reconfigured without...

Channel:
Comment & Analysis

Microsoft warns of Windows VPN software flaws

It does not affect Windows 98, Windows 98SE, Windows ME or Windows NT 4.0. Workstations that aren't shared would not be vulnerable, because the attacker must have privileges to log onto the machine. This attack could most easily be carried out if...

Channel:
Security Strategy

SuSE deal is Novell's lifeline

During the 1990s, it became the target of Microsoft, which steadily picked away at the NetWare customer base with Windows NT. As Novell lost operating system customers, it began emphasising its strength in networking software for managing users...

Channel:
Servers

Hunt for source of Windows leak goes on

In October 2000, an intruder penetrated Microsoft's network and may have had access to the source code. Microsoft acknowledged on Thursday that a portion of the Windows 2000 and Windows NT 4 source code databases had been leaked.

Channel:
Operating Systems
Tags:
leak,
windows

Avoiding the next Northern Rock

One can argue that the Bank of England's and the FSA's controls should have been stringent enough to detect the situation. But ultimately the buck stops with Northern Rock chief executive Adam Applegarth and his board for their failure to identify...

As crunch bites: Don't neglect the logs

Log files may contain critical information that can throw to light anomalies, whether they are misconfigurations, inappropriate actions by individuals or evidence of other system vulnerabilities. Log files provide granular information about...

Featured White Papers

Harnessing the Power of Location Intelligence in the Public Sector

Throughout the world, public services today are under pressure. The current economic climate, where taxreceipts are naturally suppressed, provides very seriousfunding challenges. Moreover, in good times and bad, increasing regulation at the regional and national level is imposing additional duties and responsibilities on the public services without additional resources to carry them out. Store closures are changing the urban landscape. Demographic and/or economic change isincreasing demand for health and social services.Demand for decreased crime rates is focusing minds in law enforcement. And the threat of internationalterrorism is forcing greater contingency duties on the emergency services. The net result is a need to do more with lessÂ—quite a challenge.

Publisher:
Pitney Bowes

Buyers' Guide - How to ease the shift to mobile working

With momentum building behind mobile working, are higher costs inevitable when moving staff to laptops? Not necessarily. In fact it's possible to emerge with lower management overheads - and tighter security. Read on to find out more.

Publisher:
Intel

IBM Virtualization Services

Virtualization is a powerful technology and can have profound effects on the datacenter; however, it should be viewed as a component of an overall IT strategy that will be able to support the enterprise's needs. IDC recommends that enterprises look at theentire architecture and determine how to best deploy virtualization