Misuse detection

Misuse detection

Misuse detection actively works against potential insider threats to vulnerable company data.

Contents

Misuse

Misuse detection is an approach in detecting attacks. In misuse detection approach, we define abnormal system behaviour at first, and then define any other behaviour, as normal behaviour. It stands against anomaly detection approach which utilizes the reverse approach, defining normal system behaviour and defining any other behaviour as abnormal. In other words anything we don't know is normal. Using attack signatures in IDSes is an example of this approach.

Misuse detection has also been used to refer to all kinds of computer misuse.[1] See Intrusion detection.

Theory

In theory, It assumes that abnormal behaviour and activity has a simple to define model. Its advantage is simplicity of adding known attacks to the model. Its disadvantage is its inability to recognize unknown attacks.

References

  1. ^ Helman, Paul, Liepins, Gunar, and Richards, Wynette, "Foundations of Intrusion Detection," The IEEE Computer Security Foundations Workshop V, 1992

Further reading

For more information on Misuse Detection, including papers written on the subject, consider the following:


Wikimedia Foundation. 2010.

Игры ⚽ Поможем написать реферат

Look at other dictionaries:

  • Misuse Detection — actively works against potential insider threats to vulnerable company data.MisuseMisuse detection is an approach in detecting attacks. In misuse detection approach, we define abnormal system behaviour at first, and then define any other… …   Wikipedia

  • Misuse of statistics — A misuse of statistics occurs when a statistical argument asserts a falsehood. In some cases, the misuse may be accidental. In others, it is purposeful and for the gain of the perpetrator. When the statistical reason involved is false or… …   Wikipedia

  • Intrusion detection — In Information Security, intrusion detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. When Intrusion detection takes a preventive measure without direct human… …   Wikipedia

  • Anomaly detection — Anomaly detection, also referred to as outlier detection[1] refers to detecting patterns in a given data set that do not conform to an established normal behavior.[2] The patterns thus detected are called anomalies and often translate to critical …   Wikipedia

  • On the Detection and Overthrow of the So-Called Gnosis — On the Detection and Overthrow of the So Called Gnosis, today also called On the Detection and Overthrow of Knowledge Falsely So Called[1] (Greek: ἔλεγχος και άνατροπή της ψευδωνύμου γνώσεως, lit. Elenchus and Overturning of the Pseudonymous… …   Wikipedia

  • Anomaly-based intrusion detection system — An Anomaly Based Intrusion Detection System, is a system for detecting computer intrusions and misuse by monitoring system activity and classifying it as either normal or anomalous . The classification is based on heuristics or rules, rather than …   Wikipedia

  • Dept. of Computer Science, University of Delhi — संगणक विज्ञान विभाग Established 1981 Students 200 Location New Delhi, India Campus …   Wikipedia

  • CMDS — computer misuse detection system …   Medical dictionary

  • CMDS — • computer misuse detection system …   Dictionary of medical acronyms & abbreviations

  • Zopiclone — Systematic (IUPAC) name (RS) 6 (5 chloropyridin 2 yl) 7 oxo 6,7 dihydro 5H pyrrolo[3,4 b]pyrazin 5 yl 4 methylpiperazine 1 carboxylate Clinical data Trade n …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”