We discuss the combination of two anomaly detection models, the Linux kernel module pH and cfengine, in order to create a multi-scaled approach to computer anomaly detection with automated response. By examining the time-average data from pH, we find the two systems to be conceptually complementary and to have compatible data models. Based on these findings, we build a simple prototype system and comment on how the same model could be extended to include other anomaly detection mechanisms. © 2003 by Springer Science+Business Media Dordrecht.
CITATION STYLE
Begnum, K. M., & Burgess, M. (2003). A Scaled, Immunological Approach to Anomaly Countermeasures. In Integrated Network Management VIII (pp. 31–42). Springer US. https://doi.org/10.1007/978-0-387-35674-7_3
Mendeley helps you to discover research relevant for your work.