Apress

Understanding Intrusion Detection through Visualization

By Stefan Axelsson , David Sands

Understanding Intrusion Detection through Visualization Cover Image

  • ISBN13: 978-0-3872-7634-2
  • 165 Pages
  • User Level: Science
  • Publication Date: June 1, 2006
  • Available eBook Formats: PDF
  • eBook Price: $129.00
Buy eBook Buy Print Book Add to Wishlist
Full Description
With the ever increasing use of computers for critical systems, computer security that protects data and computer systems from intentional, malicious intervention, continues to attract attention. Among the methods for defense, the application of a tool to help the operator identify ongoing or already perpetrated attacks (intrusion detection), has been the subject of considerable research in the past ten years. A key problem with current intrusion detection systems is the high number of false alarms they produce. Understanding Intrusion Detection through Visualization presents research on why false alarms are, and will remain a problem; then applies results from the field of information visualization to the problem of intrusion detection. This approach promises to enable the operator to identify false (and true) alarms, while aiding the operator to identify other operational characteristics of intrusion detection systems. This volume presents four different visualization approaches, mainly applied to data from web server access logs.
Table of Contents

Table of Contents

  1. Foreword by Dr. John McHugh, Canada Research Chair, Director, Privacy and Security Laboratory, Dalhousie University Halifax, N.S. Canada.
  2. Preface.
  3. Introduction.
  4. An Introduction to Intrusion Detection.
  5. The Base
  6. Rate Fallacy and the Difficulty of Intrusion Detection.
  7. Visualising Intrusions: Watching the Webserver.
  8. Combining a Bayesian Classifier with Visualisation.
  9. Visualising the Inner Workings of a Self Learning Classifier.
  10. Visualisation for Intrusion Detection: Hooking the Worm.
  11. References.
  12. Author Index.
  13. Index.
Errata

If you think that you've found an error in this book, please let us know about it. You will find any confirmed erratum below, so you can check if your concern has already been addressed.

* Required Fields

No errata are currently published