Skip to main content
Conference Proceedings

Locality-based server profiling for intrusion detection

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2008) 5075 LNCS 205-216
DOI: 10.1007/978-3-540-69304-8_21
0Citations
Citations of this article
6Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Detection of intrusion on network servers plays an ever more important role in network security. This paper investigates whether analysis of incoming connection behavior for properties of locality can be used to create a normal profile for network servers. Intrusions can then be detected due to their abnormal behavior. Experiments show that connections to a typical network server do in fact exhibit locality, and attacks can be detected through their violation of locality. © 2008 Springer-Verlag Berlin Heidelberg.

Author supplied keywords

Cite

CITATION STYLE

APA

Lee, R., & Lang, S. D. (2008). Locality-based server profiling for intrusion detection. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5075 LNCS, pp. 205–216). https://doi.org/10.1007/978-3-540-69304-8_21

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free