Abstract - Technical Program - ID 99
Transaction-based Anomaly Detection
Roland Büschkes and Mark Borning, Aachen University of
Technology; Dogan Kesdogan, o.tel.o communications GmbH &
The increasing complexity of both tele and data communication networks yields
new demands concerning network security. Especially the task of detecting, repulsing and
preventing abuse by in- and outsiders is becoming more and more difficult. This paper
deals with a new technique that appears to be suitable for solving these issues, i.e.
anomaly detection based on the specification of transactions. The traditional transaction
and serialization concepts are discussed, and a new model of anomaly detection, based on
the concept of transactions, is introduced. Applying this model to known attacks gives a
first insight concerning the feasibility of our approach.
- View the full text of this paper in
- If you need the latest Adobe Acrobat Reader, you can download it
- To become a USENIX Member, please see our Membership Information.