An intrusion-detection tutoring system using means-ends analysis
| dc.contributor.advisor | Rowe, Neil C. | |
| dc.contributor.author | Schiavo, Sandra Jean. | |
| dc.date | March 1995 | |
| dc.date.accessioned | 2013-08-13T22:06:23Z | |
| dc.date.available | 2013-08-13T22:06:23Z | |
| dc.date.issued | 1995-03 | |
| dc.identifier.uri | https://hdl.handle.net/10945/35082 | |
| dc.description.abstract | This research designed and implemented an intelligent tutoring system for teaching computer intrusion detection to potential or current system administrators of computer networks. The Intrusion- Detection Tutoring System (IDTS) is an intelligent tutoring system built using Quintus Prolog and METUTOR general-purpose tutoring software written by Professor Rowe. The operating environment of the IDTS is a virtual one, based on UNIX; it uses some common UNIX commands and file hierarchy. After both student and tutor analyze a static audit file to find suspicious and or malicious behavior, the student tries to fix the damage, and the computer critiques the student's actions using means-ends analysis. Using its nineteen behavior rules, IDTS can classify eleven different types of intruder behavior known to exploit system vulnerabilities, and can tutor the student how to detect this behavior and how to efficiently return the system to a secure state after the intrusion has occurred. Four different audit files of varying length were tested with IDTS. IDTS correctly identified most intruder behavior in both manually and computer generated audit files, and showed it could correctly tutor on that behavior. | en_US |
| dc.description.uri | http://archive.org/details/anintrusiondetec1094535082 | |
| dc.format.extent | 145 p. | en_US |
| dc.language.iso | en_US | |
| dc.publisher | Monterey, California. Naval Postgraduate School | en_US |
| dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
| dc.title | An intrusion-detection tutoring system using means-ends analysis | en_US |
| dc.type | Thesis | en_US |
| dc.contributor.department | Computer Science | |
| dc.description.funder | NA | en_US |
| dc.description.recognition | NA | en_US |
| dc.description.service | U.S. Navy (U.S.N.) author. | en_US |
| etd.thesisdegree.name | M.S. in Computer Science | en_US |
| etd.thesisdegree.level | Masters | en_US |
| etd.thesisdegree.discipline | Computer Science | en_US |
| etd.thesisdegree.grantor | Naval Postgraduate School | en_US |
Files in this item
This item appears in the following Collection(s)
-
1. Thesis and Dissertation Collection, all items
Publicly releasable NPS Theses, Dissertations, MBA Professional Reports, Joint Applied Projects, Systems Engineering Project Reports and other NPS degree-earning written works.
Related items
Showing items related by title, author, creator and subject.
-
An Intelligent Tutor for Intrusion Detection on Computer Systems
(Computers and Education, 1998-00-00);Intrusion detection is the process of identifying unauthorized usage of a computer system. It an important skill for computer-system administrators. It is difficult to learn on the job because it is needed only occasionally ... -
Comparisons of attacks on honeypots with those on real networks
(Monterey, California. Naval Postgraduate School, 2006-03);Honeypots are computer systems deliberately designed to be attack targets, mainly to learn about cyber-attacks and attacker behavior. When implemented as part of a security posture, honeypots also protect real networks by ... -
EVASION OF HONEYPOT DETECTION MECHANISMS THROUGH IMPROVED INTERACTIVITY OF ICS-BASED SYSTEMS
(Monterey, CA; Naval Postgraduate School, 2020-09);In recent years critical-infrastructure systems, particularly smart electrical grids, have become dependent on computer control systems and thus increasingly vulnerable to cyber attack. Attempts to defend these systems ...
