Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students
Abstract - Technical Program - ID 99

Transaction-based Anomaly Detection

Roland Büschkes and Mark Borning, Aachen University of Technology; Dogan Kesdogan, communications GmbH & Co.


The increasing complexity of both tele and data communication networks yields new demands concerning network security. Especially the task of detecting, repulsing and preventing abuse by in- and outsiders is becoming more and more difficult. This paper deals with a new technique that appears to be suitable for solving these issues, i.e. anomaly detection based on the specification of transactions. The traditional transaction and serialization concepts are discussed, and a new model of anomaly detection, based on the concept of transactions, is introduced. Applying this model to known attacks gives a first insight concerning the feasibility of our approach.
  • View the full text of this paper in HTML form and PDF form.

  • If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.

  • To become a USENIX Member, please see our Membership Information.

?Need help? Use our Contacts page.

Last changed: 21 Mar 2002 ml
Technical Program
Conference Index