The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Haystack: An Intrusion Detection System

Author

Stephen E. Smaha

Entry type

inproceedings

Abstract

Haystack is a prototype system for the detection of intrusions in multi-user Air Force computer systems. Haystack reduces voluminous system audit trails to short summaries of user behaviors, anomalous events, and security incidents. This is designed to help the System Security Officer (SSO) detect and investigate intusions, particulary by insiders (authorized users.) Haystack's operation is based on behavioral constraints imposed by security policies and on models of typical behavior for user groups and individual users.

Date

1988 – December

URL

http://ieeexplore.ieee.org/sta ... =113412&isnumber=3362

Institution

IEEE

Journal

IEEE

Key alpha

Smaha

Note

Fourth Aerospace Computer Security Applications Conference - Dec 12-16 1988

Pages

37 - 44

Publication Date

2001-01-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.