Recent Advances in Intrusion Detection

1. Front Matter

   Pages I-X

   PDF

2. Logging

   1. Better Logging through Formality

      • Chapman Flack, Mikhail J. Atallah

      Pages 1-16

   2. A Pattern Matching Based Filter for Audit Reduction and Fast Detection of Potential Intrusions

      • Josué Kuri, Gonzalo Navarro, Ludovic Mé, Laurent Heye

      Pages 17-27

   3. Transaction-Based Pseudonyms in Audit Data for Privacy Respecting Intrusion Detection

      • Joachim Biskup, Ulrich Flegel

      Pages 28-48

3. Data Mining

   1. A Data Mining and CIDF Based Approach for Detecting Novel and Distributed Intrusions

      • Wenke Lee, Rahul A. Nimbalkar, Kam K. Yee, Sunil B. Patil, Pragneshkumar H. Desai, Thuan T. Tran et al.

      Pages 49-65

   2. Using Finite Automata to Mine Execution Data for Intrusion Detection: A Preliminary Report

      • Christoph Michael, Anup Ghosh

      Pages 66-79

4. Modeling Process Behavior

   1. Adaptive, Model-Based Monitoring for Cyber Attack Detection

      • Alfonso Valdes, Keith Skinner

      Pages 80-93

   2. A Real-Time Intrusion Detection System Based on Learning Program Behavior

      • Anup K. Ghosh, Christoph Michael, Michael Schatz

      Pages 93-109

   3. Intrusion Detection Using Variable-Length Audit Trail Patterns

      • Andreas Wespi, Marc Dacier, Hervé Debar

      Pages 110-129

   4. Flexible Intrusion Detection Using Variable-Length Behavior Modeling in Distributed Environment: Application to CORBA Objects

      • Zakia Marrakchi, Ludovic Mé, Bernard Vivinis, Benjamin Morin

      Pages 130-144

5. IDS Evaluation

   1. The 1998 Lincoln Laboratory IDS Evaluation

      • John McHugh

      Pages 145-161

   2. Analysis and Results of the 1999 DARPA Off-Line Intrusion Detection Evaluation

      • Richard Lippmann, Joshua W. Haines, David J. Fried, Jonathan Korba, Kumar Das

      Pages 162-182

   3. Using Rule-Based Activity Descriptions to Evaluate Intrusion-Detection Systems

      • Dominique Alessandri

      Pages 183-196

6. Modeling

   1. LAMBDA: A Language to Model a Database for Detection of Attacks

      • Frédéric Cuppens, Rodolphe Ortalo

      Pages 197-216

   2. Target Naming and Service Apoptosis

      • James Riordan, Dominique Alessandri

      Pages 217-225

7. Back Matter

   Pages 227-227

   PDF

Since 1998, RAID has established its reputation as the main event in research on intrusion detection, both in Europe and the United States. Every year, RAID gathers researchers, security vendors and security practitioners to listen to the most recent research results in the area as well as experiments and deployment issues. This year, RAID has grown one step further to establish itself as a well-known event in the security community, with the publication of hardcopy proceedings. RAID 2000 received 26 paper submissions from 10 countries and 3 continents. The program committee selected 14 papers for publication and examined 6 of them for presentation. In addition RAID 2000 received 30 extended abstracts proposals; 15 of these extended abstracts were accepted for presentation. - tended abstracts are available on the website of the RAID symposium series, http://www.raid-symposium.org/. We would like to thank the technical p- gram committee for the help we received in reviewing the papers, as well as all the authors for their participation and submissions, even for those rejected. As in previous RAID symposiums, the program alternates between fun- mental research issues, such as newtechnologies for intrusion detection, and more practical issues linked to the deployment and operation of intrusion det- tion systems in a real environment. Five sessions have been devoted to intrusion detection technology, including modeling, data mining and advanced techniques.

• Audit Control
• Authentication
• Blu-ray
• Cryptoanalysis
• Cryptographic Attacks
• Data Mining
• Distributed Intrusion
• Execution Data Mining
• Intrusion Detection
• Loging
• Pattern Analysis
• Security
• privacy

• France Télécom R & D, Caen, France

  Hervé Debar

• SUPELEC, Cesson Sevigne Cedex, France

  Ludovic Mé

• Department of Computer Science, 2063 Engineering II, University of California at Davis, Davis, USA

  S. Felix Wu

Policies and ethics