SwePub
Sök i LIBRIS databas

  Extended search

onr:"swepub:oai:DiVA.org:mdh-23692"
 

Search: onr:"swepub:oai:DiVA.org:mdh-23692" > Monitoring for Secu...

  • 1 of 1
  • Previous record
  • Next record
  •    To hitlist

Monitoring for Security Intrusion using Performance Signatures

Avritzer, A (author)
Siemens Corporate Research, USA
Tanikella, R (author)
Siemens Corporate Research, USA
James, K (author)
Siemens Corporate Research, USA
show more...
Cole, R (author)
JHU, Applied Physics Laboratory, USA
weyuker, elaine (author)
AT and T Labs, USA
show less...
 (creator_code:org_t)
2010-01-28
2010
English.
In: WOSP/SIPEW'10 - Proceedings of the 1st Joint WOSP/SIPEW International Conference on Performance Engineering. - New York, NY, USA : ACM. - 9781605585635 ; , s. 93-103
Related links:
https://urn.kb.se/re...
show more...
https://doi.org/10.1...
show less...
  • Conference paper (peer-reviewed)
Abstract Subject headings
Close  
  • A new approach for detecting security attacks on software systems by monitoring the software system performance signatures is introduced. We present a proposed architecture for security intrusion detection using off-the-shelf security monitoring tools and performance signatures. Our approach relies on the assumption that the performance signature of the well-behaved system can be measured and that the performancesignature of several types of attacks can be identified. This assumption has been validated for operations support systems that are used to monitor large infrastructures and receive aggregated traffic that is periodic in nature. Examples of such infrastructures include telecommunications systems, transportation systems and power generation systems. In addition, significant deviation from well-behaved system performance signatures can be used to trigger alerts about new types of security attacks. We used a custom performance benchmark and five types of security attacks to deriveperformance signatures for the normal mode of operation and the security attack mode of operation. We observed that one of the types of thesecurity attacks went undetected by the off-the-shelf security monitoring tools but was detected by our approach of monitoring performance signatures. We conclude that an architecture for security intrusion detection can be effectively complemented by monitoring of performance signatures.

Subject headings

NATURVETENSKAP  -- Data- och informationsvetenskap -- Datorteknik (hsv//swe)
NATURAL SCIENCES  -- Computer and Information Sciences -- Computer Engineering (hsv//eng)

Publication and Content Type

ref (subject category)
kon (subject category)

Find in a library

To the university's database

  • 1 of 1
  • Previous record
  • Next record
  •    To hitlist

Find more in SwePub

By the author/editor
Avritzer, A
Tanikella, R
James, K
Cole, R
weyuker, elaine
About the subject
NATURAL SCIENCES
NATURAL SCIENCES
and Computer and Inf ...
and Computer Enginee ...
Articles in the publication
WOSP/SIPEW'10 - ...
By the university
Mälardalen University

Search outside SwePub

Wikipedia about the author:
A_Avritzer
Avritzer, A
en

Kungliga biblioteket hanterar dina personuppgifter i enlighet med EU:s dataskyddsförordning (2018), GDPR. Läs mer om hur det funkar här.
Så här hanterar KB dina uppgifter vid användning av denna tjänst.

 
pil uppåt Close

Copy and save the link in order to return to this view