DocumentCode
2344371
Title
Detection of anomalous computer session activity
Author
Vaccaro, H.S. ; Liepins, G.E.
Author_Institution
Los Alamos Nat. Lab., NM, USA
fYear
1989
fDate
1-3 May 1989
Firstpage
280
Lastpage
289
Abstract
The authors discusses Wisdom and Sense (W&S), a computer security anomaly detection system. W&S is statistically based. It automatically generates rules from historical data and, in terms of those rules, identifies computer transactions that are at variance with historically established usage patterns. Issues addressed include how W&S generates rules from a necessarily small sample of all possible transactions, how W&S deals with inherently categorical data, and how W&S assists system security officers in their review of audit logs. Preliminary results with W&S show that the software does periodically detect anomalies of high interest even in data though to be free of such events
Keywords
DP management; security of data; Wisdom and Sense; anomalous computer session activity; audit logs; categorical data; historical data; rules; system security officers; usage patterns; Computer security; Computer viruses; Data security; Event detection; Humans; Information security; Invasive software; Laboratories; National security; Physics computing;
fLanguage
English
Publisher
ieee
Conference_Titel
Security and Privacy, 1989. Proceedings., 1989 IEEE Symposium on
Conference_Location
Oakland, CA
Print_ISBN
0-8186-1939-2
Type
conf
DOI
10.1109/SECPRI.1989.36302
Filename
36302
Link To Document