Intrusion Detection in Distributed Systems

Dr. Sushil Jajodia is Professor and Chairman of the Dept. of Information and Software Engineering, and Director of the Center for Secure Information Systems at the George Mason University, Fairfax, Virginia, USA

Dedication.- List of Figures.- List of Tables.- Preface.- Acknowledgments.- 1. INTRODUCTION.- 1 Computer Security and Intrusion Detection.- 2 Intrusion Detection in Distributed Systems.- 3 Summary of Contributions.- 4 Organization.- 2. AN OVERVIEW OF RELATED RESEARCH.- 3. SYSTEM VIEW AND EVENT HISTORY.- 1 System View and Event History.- 4. MODELING REQUEST AMONG COOPERATING INTRUSION DETECTION SYSTEMS.- 1 Query.- 2 Scaling to Large and Heterogeneous Environments.- 3 Discussion.- 5. EXTENDING COMMON INTRUSION DETECTION FRAMEWORK (CIDF) TO SUPPORT QUERIES.- 1 Background.- 2 A Query Facility for CIDF.- 3 Impact on CIDF.- 6. A HIERARCHICAL MODEL FOR DISTRIBUTED ATTACKS.- 1 Misuse Signature.- 2 Defining System Views Using Signatures: A Hierarchical Model.- 3 Discussion.- 7. DECENTRALIZED DETECTION OF DISTRIBUTED ATTACKS.- 1 Serializable Signatures.- 2 Detection Task and Workflow Tree.- 3 Execution of Detection Tasks.- 4 Optimization.- 5 Generating Workflow Tree.- 8. CARDS: AN EXPERIMENTAL SYSTEM FOR DETECTING DISTRIBUTED ATTACKS.- 1 CARDS Architecture.- 2 System Design Issues.- 3 Prototype Implementation.- 9. CONCLUSION.- Appendices.- References.