Network Security: 4. The Current State of Research on Intrusion Detection Systems
IPSJ Magazine (情報処理), Vol.42 No.12, Dec. 2001.

[Figure 1: timeline of intrusion detection systems from 1980 to 2000, arranged by data source (Log Data Source, Network Data Source) and detection method (Anomaly Detection, Misuse Detection). Entries named in the figure: Computer Security Threat Monitoring and Surveillance (J. P. Anderson); An Intrusion Detection Model (D. E. Denning); IDES (SRI), host, statistic and rule-base; W&S (LANL, NCSC, DOE), host, rule-base; NSM (UC Davis), network, statistic; Haystack; ASIM (USAF); Stalker (Haystack); CMDS (SAIC); NetRanger (Cisco); RealSecure (ISS); BlackICE (NetworkICE); eNTrax (Centrax). Other labels: (TAS, Haystack); network; network (personal); network-misuse; host-statistic.]

Surviving text fragments: CIDF: Common Intrusion Detection Framework. SRI, Dorothy Denning, Peter Neumann, IDES (Intrusion Detection Expert System). Denning, "An Intrusion Detection Model", 1986. 1990, UC Davis, Network Security Monitor (NSM). CIDF.
[Figure 2: Common Intrusion Detection Framework (CIDF). Components: Event Generator, Event Analyzer, Event Database, Response Unit. Other labels: Log; Network Packets; Preprocess; Profile; History data; Anomaly Detection; Misuse Detection; signature DB; Knowledge Base; countermeasures; GUI; Notification and Report.]

Surviving text fragments: anomaly detection; misuse detection.
[Figure 3: Insertion and Evasion Attack. Labels: Internet; IDS; the request /cgi-bin/phf. Under Insertion: /cgiA-bAinA/pAhf alongside /cgi-bin/phf. Under Evasion: /cgi-bin/phf alongside /cg-bn/pf.]

Surviving text fragments: false negative; false positive; Fax; Syslog; SNMP Trap; shun; RESET; 1990; TCP; OS; TCP/IP.
[Figure 4: caption not recovered. Labels: Mbps; 576byte; 68byte.]

Surviving text fragments: Insertion and Evasion Attack (Figure 3); IDS; httpd; phf; Denial of Service; Mbps; 576byte; 90Mbps; 68byte.
1) Denning, D. E.: An Intrusion-Detection Model, IEEE Trans. Softw. Eng., Vol.SE-13, No.2, pp.222-232 (1987).
2) Heberlein, L. T. et al.: A Network Security Monitor, Proc. IEEE Comput. Soc. Sympo. on Research in Security and Privacy 1990, pp.296-304 (1990).
3) (2000)
4) (2001)
13 11 12.