Improving the Efficiency of Misuse Detection

  title={Improving the Efficiency of Misuse Detection},
  author={Michael Meier and Sebastian Schmerl and Hartmut K{\"o}nig},
In addition to preventive mechanisms intrusion detection systems (IDS) are an important instrument to protect computer systems. Most IDSs used today realize the misuse detection approach. These systems analyze monitored events for occurrences of defined patterns (signatures), which indicate security violations. Up to now only little attention has been paid to the analysis efficiency of these systems. In particular for systems that are able to detect complex, multi-step attacks not much work… CONTINUE READING

From This Paper

Topics from this paper.


Publications citing this paper.
Showing 1-10 of 23 extracted citations

Automated Generation of Precise Signatures

Praxis der Informationsverarbeitung und Kommunikation • 2012
View 1 Excerpt

Constructing secured cognitive wireless networks: experiences and challenges

Wireless Communications and Mobile Computing • 2010
View 1 Excerpt

Explorative Visualization of Log Data to Support Forensic Analysis and Signature Development

2010 Fifth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering • 2010
View 1 Excerpt


Publications referenced by this paper.
Showing 1-10 of 22 references

CLIPS – A Tool for Building Expert Systems

G. Riley
View 12 Excerpts
Highly Influenced

A Model for the Semantics of Attack Signatures in Misuse Detection Systems

M. Meier
Proc. of 7th Information Security Conference (ISC • 2004
View 3 Excerpts
Highly Influenced

Analyzing Large Datasets of Network Data

J. McHugh Set, Bags, Rock, Roll
Computer Security – ESORICS • 2004
View 1 Excerpt

Entwurf und Entwicklung einer effizienten Analyseeinheit für Intrusion- Detection-Systeme (in German)

S. Schmerl
Diploma Thesis, • 2004
View 1 Excerpt

Implementierung eines auf dem Expertensystem-Tool CLIPS basierenden Intrusion Detection Systems (in German)

R. Krauz
Student Research Thesis, • 2004
View 1 Excerpt

Meier : A Model for the Semantics of Attack Signatures in Misuse Detection Systems

Proc . of the 18 th IFIP International Information Security Conference ( SEC • 2003

NetFlow: information loss or win?

Internet Measurement Workshop • 2002
View 1 Excerpt

Similar Papers

Loading similar papers…