A Network Audit System for Host-based Intrusion Detection (NASHID)
Page Content
Author
Tom Daniels, Eugene Spafford
Tech report number
CERIAS TR 1999-10
Entry type
techreport
Abstract
Recent work has shown that conventional operating system audit trails are insufficient to detect low-level network attacks. Because audit are typically based upon system calls or application sources, operations in the network protocol stack go unaudited. In our earlier work, we determined the audit data needed to detect low-level network attacks. in this paper we describe an implementation of an audit system which collects this data and analyze th issues that guided th implementation. Finally, we report the performance impact on th systm and the rat of audit data accumulation in a test network.
Download
Date
1999 – 21
Institution
Purdue University
Key alpha
Daniels
Publication Date
0000-00-00
Language
English
Footer
RSS Feeds
Combined XML Feed
News XML Feed Events XML Feed Weblogs XML Feed Security Seminar Podcast
Twitter: @cerias, @ceriasarchive, #cerias
CERIAS, Purdue University / Recitation Building / 656 Oval Drive / West Lafayette IN 47907-2086
phone (765)494-7841 / fax (765)496-3181
Copyright © 2013, Purdue University, all rights reserved. Purdue University is an equal access/equal opportunity university.
If you have trouble accessing this page because of a disability, please contact the CERIAS webmaster at webmaster@cerias.purdue.edu. Some content on this site may require the use of a special plug-in or application. Please visit our plug-ins page for links to download these applications.
Privacy Policy
