Accession Number:

ADA458982

Title:

Distinguishing Novel Usage From Novel Attacks

Descriptive Note:

Final rept. 1 Jul 2003-31 Aug 2006

Corporate Author:

ATC-NY ITHACA NY

Personal Author(s):

Report Date:

2006-09-01

Pagination or Media Count:

17.0

Abstract:

In this project, ATC-NY is developing methods for evaluating anomalous behavior concurrently with reacting to it. Anomalous events that are not so suspicious as to cause an immediate alarm are continually reexamined in the light of later events, with the goal of eventually understanding whether they are benign or malign. As time goes on, the IDS should become familiar with common attacks, even while it continually adapts to small changes in normal behavior. By focusing on the long-term problem building up knowledge, the proposed IDS should become better over time at solving the short-term problem detecting attacks.

Subject Categories:

  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE