{"title":"Detection of anomalous computer session activity","authors":"H. S. Vaccaro, G. Liepins","doi":"10.1109/SECPRI.1989.36302","DOIUrl":null,"url":null,"abstract":"The authors discuss Wisdom and Sense (W&S), a computer security anomaly detection system. W&S is statistically based. It automatically generates rules from historical data and, in terms of those rules, identifies computer transactions that are at variance with historically established usage patterns. Issues addressed include how W&S generates rules from a necessarily small sample of all possible transactions, how W&S deals with inherently categorical data, and how W&S assists system security officers in their review of audit logs. Preliminary results with W&S show that the software does periodically detect anomalies of high interest even in data thought to be free of such events.","PeriodicalId":126792,"journal":{"name":"Proceedings. 1989 IEEE Symposium on Security and Privacy","volume":"76 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1989-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"213","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. 1989 IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.1989.36302","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The authors discuss Wisdom and Sense (W&S), a computer security anomaly detection system. W&S is statistically based. It automatically generates rules from historical data and, in terms of those rules, identifies computer transactions that are at variance with historically established usage patterns. Issues addressed include how W&S generates rules from a necessarily small sample of all possible transactions, how W&S deals with inherently categorical data, and how W&S assists system security officers in their review of audit logs. Preliminary results with W&S show that the software does periodically detect anomalies of high interest even in data thought to be free of such events.