Modeling and analyzing intrusion attempts to a computer network operating in a defense-in-depth posture

Author
Givens, Mark Allen
Date
2004-09
Advisor
Bordetsky, Alex
Roth, Joe
Abstract
In order to ensure the confidentiality, integrity, and availability of networked resources operating on the Global Information Grid, the Department of Defense has incorporated a "Defense-in-Depth" posture. This posture includes the use of network security mechanisms and does not rely on a single defense for protection. Firewalls, Intrusion Detection Systems (IDSs), Anti-Virus (AV) software, and routers are among the tools used. In recent years, computer security discussion groups have included IDSs as one of their most relevant issues. These systems help identify intruders that exploit vulnerabilities associated with operating systems, application software, and computing hardware. When IDSs are utilized on a host computer or network, there are two primary approaches to detecting and/or preventing attacks. Traditional IDSs, like most AV software, rely on known "signatures" to detect attacks. This thesis will focus on the secondary approach: anomaly or "behavioral based" IDSs, which look for abnormal patterns of activity on a network to identify suspicious behavior.
Description
Approved for public release; distribution is unlimited