USENIX Conference Policies
Transaction-Based Anomaly Detection
The increasing complexity of both tele and data communication networks yields new demands concerning network security. Especially the task of detecting, repulsing and preventing abuse by in- and outsiders is becoming more and more difficult. This paper deals with a new technique that appears to be suitable for solving these issues, i.e. anomaly detection based on the specification of transactions. The traditional transaction and serialization concepts are discussed, and a new model of anomaly detection, based on the concept of transactions, is introduced. Applying this model to known attacks gives a first insight concerning the feasibility of our approach.
BibTeX
@inproceedings {271731,
author = {Roland Buschkes and Mark Borning},
title = {{Transaction-Based} Anomaly Detection},
booktitle = {1st Workshop on Intrusion Detection and Network Monitoring (ID 99)},
year = {1999},
address = {Santa Clara, CA},
url = {https://www.usenix.org/conference/id-99/transaction-based-anomaly-detection},
publisher = {USENIX Association},
month = apr
}
author = {Roland Buschkes and Mark Borning},
title = {{Transaction-Based} Anomaly Detection},
booktitle = {1st Workshop on Intrusion Detection and Network Monitoring (ID 99)},
year = {1999},
address = {Santa Clara, CA},
url = {https://www.usenix.org/conference/id-99/transaction-based-anomaly-detection},
publisher = {USENIX Association},
month = apr
}