An Approach for Independent Intrusion Detection Management Systems

Author(s):  
Björn-C. Bösch
2019 ◽  
Vol 9 ◽  
pp. 61-65
Author(s):  
Gleb Popkov

The article discusses solutions in the field of SIEM (security information and event management) systems and the operation of IDS/IPS-class network intrusion detection and prevention systems. The general functional characteristics of these software products are presented, and typical solutions for including IDS/IPS in a data transmission network at the second, third and fourth levels of the OSI model are offered. A brief description and some practical examples of using the Sourcefire IDS/IPS product, SNORT, are given.


2018 ◽  
Vol 8 (2) ◽  
pp. 8-11
Author(s):  
Indranil Sarkar

The problem of protecting information and data flows has existed from the very first day of information exchange; however, advanced Information Communication Technology and information management systems become more and more powerful and distributed. In this article the author avers that the strategy needs to implement measures to protect the library from the rise in leaks of confidential information, both accidental and malicious, which come at tremendous cost in money, privacy, national security, and reputation.


Author(s):  
Muhammad Imran Khan ◽  
Simon N. Foley ◽  
Barry O'Sullivan

Insiders are legitimate users of a system; however, they pose a threat because of their granted access privileges. Anomaly-based intrusion detection approaches have been shown to be effective in the detection of insiders' malicious behavior. Database management systems (DBMS) are the core of any contemporary organization, enabling it to store and manage its data. Yet insiders may misuse their privileges to access stored data via a DBMS with malicious intentions. In this chapter, a taxonomy of anomalous DBMS access detection systems is presented. Secondly, an anomaly-based mechanism that detects insider attacks within a DBMS framework is proposed, whereby, to model the normative behavior of insiders, n-grams are used to capture normal query patterns in a log of SQL queries generated from a synthetic banking application system. It is demonstrated that n-grams do capture the short-term correlations inherent in the application. This chapter also outlines challenges pertaining to the design of more effective anomaly-based intrusion detection systems to detect insider attacks.


Author(s):  
J. Yu ◽  
Y.V.R. Reddy ◽  
Sentil Selliah ◽  
Srinivas Kankanahalli ◽  
Sumitra Reddy ◽  
...  
