Programming and Computer Software, Volume 33, Issue 4, pp 195–203

A model of the behavior of network objects in distributed computer systems

  • D. Yu. Gamayunov
  • R. L. Smelyanskii
Article

Abstract

A model designed for the analysis of intrusion detection methods is described. The model also helps validate such methods and estimate their complexity. In terms of this model, a new intrusion detection method is proposed, its validity is proved, and its computational complexity is evaluated. It differs from the available expert-based methods in that it does not impose constraints on the behavior being detected and makes it possible to detect unknown or modified attacks.

Keywords

  • Intrusion Detection
  • Active Object
  • Safe State
  • Attack Detection
  • Attack Pattern

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Pleiades Publishing, Ltd. 2007

Authors and Affiliations

  • D. Yu. Gamayunov (1)
  • R. L. Smelyanskii (1)
  1. Faculty of Computational Mathematics and Cybernetics, Moscow State University, Leninskie gory, Moscow, Russia
