Distributed audit trail analysis

Abdelaziz Mounji; Baudouin Le Charlier; Denis Zampunidris; Naji Habra

doi:10.1109/NDSS.1995.390641

Distributed audit trail analysis

Abdelaziz Mounji, Baudouin Le Charlier, Denis Zampunidris, Naji Habra

Faculte d'informatique

Résultats de recherche: Contribution dans un livre/un catalogue/un rapport/dans les actes d'une conférence › Article dans les actes d'une conférence/un colloque

Résumé

An implemented system for on-line analysis of multiple distributed data streams is presented. The system is conceptually universal since it does not rely on any particular platform feature and uses format adaptors to translate data streams into its own standard format. The system is as powerful as possible (from a theoretical standpoint) but still efficient enough for on-line analysis thanks to its novel rule-based language (BUS-SEL) which is specifically designed for efficientpro-cessing of sequential unstructured data streams. In this paper, the generic concepts are applied to security audit trail analysis. The resulting system provides powerful network security monitoring and sophisticated tools for intrusion/anomaly detection. The rule-based and command languages are described as well as the distributed architecture and the implementation. Performance measurements are reported, showing the effectiveness of the approach.

langue originale	Anglais
titre	Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995
Editeur	Institute of Electrical and Electronics Engineers Inc.
Pages	102-112
Nombre de pages	11
ISBN (Electronique)	0818670274, 9780818670275
Les DOIs	https://doi.org/10.1109/NDSS.1995.390641
Etat de la publication	Publié - 1 janv. 1995
Evénement	1995 Symposium on Network and Distributed System Security, NDSS 1995 - San Diego, États-Unis Durée: 16 févr. 1995 → 17 févr. 1995

Série de publications

Nom	Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995

Une conférence

Une conférence	1995 Symposium on Network and Distributed System Security, NDSS 1995
Pays/Territoire	États-Unis
La ville	San Diego
période	16/02/95 → 17/02/95

Accès au document

10.1109/NDSS.1995.390641

Autres fichiers et liens

Link to publication in Scopus

Contient cette citation

Mounji, A., Le Charlier, B., Zampunidris, D., & Habra, N. (1995). Distributed audit trail analysis. Dans Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995 (p. 102-112). Article 390641 (Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/NDSS.1995.390641

@inproceedings{8d3ffccf631a4c44a2a47c442de954c3,

title = "Distributed audit trail analysis",

abstract = "An implemented system for on-line analysis of multiple distributed data streams is presented. The system is conceptually universal since it does not rely on any particular platform feature and uses format adaptors to translate data streams into its own standard format. The system is as powerful as possible (from a theoretical standpoint) but still efficient enough for on-line analysis thanks to its novel rule-based language (BUS-SEL) which is specifically designed for efficientpro-cessing of sequential unstructured data streams. In this paper, the generic concepts are applied to security audit trail analysis. The resulting system provides powerful network security monitoring and sophisticated tools for intrusion/anomaly detection. The rule-based and command languages are described as well as the distributed architecture and the implementation. Performance measurements are reported, showing the effectiveness of the approach.",

author = "Abdelaziz Mounji and {Le Charlier}, Baudouin and Denis Zampunidris and Naji Habra",

year = "1995",

month = jan,

day = "1",

doi = "10.1109/NDSS.1995.390641",

language = "English",

series = "Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "102--112",

booktitle = "Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995",

address = "United States",

note = "1995 Symposium on Network and Distributed System Security, NDSS 1995 ; Conference date: 16-02-1995 Through 17-02-1995",

}

Mounji, A, Le Charlier, B, Zampunidris, D & Habra, N 1995, Distributed audit trail analysis. Dans Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995., 390641, Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995, Institute of Electrical and Electronics Engineers Inc., p. 102-112, 1995 Symposium on Network and Distributed System Security, NDSS 1995, San Diego, États-Unis, 16/02/95. https://doi.org/10.1109/NDSS.1995.390641

Distributed audit trail analysis. / Mounji, Abdelaziz; Le Charlier, Baudouin; Zampunidris, Denis et al.
Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995. Institute of Electrical and Electronics Engineers Inc., 1995. p. 102-112 390641 (Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995).

Résultats de recherche: Contribution dans un livre/un catalogue/un rapport/dans les actes d'une conférence › Article dans les actes d'une conférence/un colloque

TY - GEN

T1 - Distributed audit trail analysis

AU - Mounji, Abdelaziz

AU - Le Charlier, Baudouin

AU - Zampunidris, Denis

AU - Habra, Naji

PY - 1995/1/1

Y1 - 1995/1/1

N2 - An implemented system for on-line analysis of multiple distributed data streams is presented. The system is conceptually universal since it does not rely on any particular platform feature and uses format adaptors to translate data streams into its own standard format. The system is as powerful as possible (from a theoretical standpoint) but still efficient enough for on-line analysis thanks to its novel rule-based language (BUS-SEL) which is specifically designed for efficientpro-cessing of sequential unstructured data streams. In this paper, the generic concepts are applied to security audit trail analysis. The resulting system provides powerful network security monitoring and sophisticated tools for intrusion/anomaly detection. The rule-based and command languages are described as well as the distributed architecture and the implementation. Performance measurements are reported, showing the effectiveness of the approach.

AB - An implemented system for on-line analysis of multiple distributed data streams is presented. The system is conceptually universal since it does not rely on any particular platform feature and uses format adaptors to translate data streams into its own standard format. The system is as powerful as possible (from a theoretical standpoint) but still efficient enough for on-line analysis thanks to its novel rule-based language (BUS-SEL) which is specifically designed for efficientpro-cessing of sequential unstructured data streams. In this paper, the generic concepts are applied to security audit trail analysis. The resulting system provides powerful network security monitoring and sophisticated tools for intrusion/anomaly detection. The rule-based and command languages are described as well as the distributed architecture and the implementation. Performance measurements are reported, showing the effectiveness of the approach.

UR - http://www.scopus.com/inward/record.url?scp=0002535673&partnerID=8YFLogxK

U2 - 10.1109/NDSS.1995.390641

DO - 10.1109/NDSS.1995.390641

M3 - Conference contribution

AN - SCOPUS:0002535673

T3 - Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995

SP - 102

EP - 112

BT - Proceedings of the Symposium on Network and Distributed System Security, NDSS 1995

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 1995 Symposium on Network and Distributed System Security, NDSS 1995

Y2 - 16 February 1995 through 17 February 1995

ER -

Distributed audit trail analysis

Résumé

Série de publications

Une conférence

Accès au document

Autres fichiers et liens

Empreinte digitale

Contient cette citation