Scarfone et al., 2010 - Google Patents
Intrusion detection and prevention systems
Scarfone et al., 2010
- Document ID
- 3266296318866939182
- Author
- Scarfone K
- Mell P
- Publication year
- Publication venue
- Handbook of information and communication security
Snippet
Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of computer security policies, acceptable use policies, or standard …
Classifications
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
            - H04L63/1416—Event detection, e.g. attack signature detection
            - H04L63/1425—Traffic logging, e.g. anomaly detection
- G—PHYSICS
  - G06—COMPUTING; CALCULATING; COUNTING
    - G06F—ELECTRICAL DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
          - G06F21/55—Detecting local intrusion or implementing counter-measures
            - G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
            - G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
Similar Documents
| Publication | Title |
|---|---|
| US12003485B2 (en) | Outbound/inbound lateral traffic punting based on process risk |
| US10003608B2 (en) | Automated insider threat prevention |
| US10855656B2 (en) | Fine-grained firewall policy enforcement using session app ID and endpoint process ID correlation |
| Scarfone et al. | Guide to intrusion detection and prevention systems (idps) |
| US7137145B2 (en) | System and method for detecting an infective element in a network environment |
| CA2835954C (en) | Malware analysis system |
| US20040255167A1 (en) | Method and system for remote network security management |
| WO2016097757A1 (en) | A method and system for network access control based on traffic monitoring and vulnerability detection using process related information |
| CN111295640B (en) | Fine-grained firewall policy enforcement using session App ID and endpoint process ID correlation |
| Scarfone et al. | Intrusion detection and prevention systems |
| Scarfone et al. | Sp 800-94. guide to intrusion detection and prevention systems (idps) |
| Bdair et al. | Brief of intrusion detection systems in detecting ICMPv6 attacks |
| Hindy et al. | A taxonomy of malicious traffic for intrusion detection systems |
| Mohammed et al. | Automatic defense against zero-day polymorphic worms in communication networks |
| Patel et al. | Security Issues, Attacks and Countermeasures in Layered IoT Ecosystem. |
| Simkhada et al. | Security threats/attacks via botnets and botnet detection & prevention techniques in computer networks: a review |
| Singh | Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) For Network Security: A Critical Analysis |
| Thakare et al. | IDS: Intrusion detection system the survey of information security |
| US20250240313A1 (en) | Large language model (llm) powered detection reasoning solution |
| Sheikh | Certified Ethical Hacker (CEH) Preparation Guide |
| Antrosiom et al. | Malware defense using network security authentication |
| Karamagi | Comptia Security+ Practice Exams |
| Pir | Intrusion detection techniques and open source intrusion detection (IDS) tools |
| US12445484B2 (en) | Inline ransomware detection via server message block (SMB) traffic |
| US20240333759A1 (en) | Inline ransomware detection via server message block (smb) traffic |