Sven Henkel

Learn More
We present a prototype of an Intrusion Warning System for combining event message flows of multiple domain-specific security tools in order to determine anomalies for early warning and response. Unlike other approaches for cooperating Intrusion Detection Systems (IDS), we suggest a modified star shape architecture for distributing attack information and(More)
This work investigates the amount of information about failures required to simulate a synchronous distributed system by an asynchronous distributed system prone to crash-recovery failures. A failure detection sequencer Σ CR for the crash-recovery failure model is defined, which outputs information about crashes and recoveries and about the state of the(More)
This paper presents an anomaly detection approach for application in Meta IDS environments, where locally generated event messages from several domains are centrally processed. The basic approach has been successfully used for detection of abnormal traffic structures in computer networks. It creates directed graphs from address specifications contained(More)
  • 1