排序方式: 共有51条查询结果,搜索用时 0 毫秒
1.
This paper describes data mining and data warehousing techniques that can improve the performance and usability of Intrusion
Detection Systems (IDS). Current IDS do not provide support for historical data analysis and data summarization. This paper
presents techniques to model network traffic and alerts using a multi-dimensional data model and star schemas. This data model was used to perform network security analysis and detect denial of service attacks. Our data model can also
be used to handle heterogeneous data sources (e.g. firewall logs, system calls, net-flow data) and enable up to two orders
of magnitude faster query response times for analysts as compared to the current state of the art. We have used our techniques
to implement a prototype system that is being successfully used at Army Research Labs. Our system has helped the security
analyst in detecting intrusions and in historical data analysis for generating reports on trend analysis.
Recommended by: Ashfaq Khokhar 相似文献
2.
Ammann P. Jajodia S. Frankl P.G. 《Parallel and Distributed Systems, IEEE Transactions on》1996,7(6):665-670
We consider communication structures for event ordering algorithms in distributed environments where information flows only in one direction. Example applications are multilevel security and hierarchically decomposed databases. Although the most general one directional communication structure is a partial order, partial orders do not enjoy the property of being consistently ordered, a formalization of the notion that local ordering decisions are ensured to be globally consistent. Our main result is that the crown free property is necessary and sufficient for a communication structure to be consistently ordered. We discuss the computational complexity of detecting crowns and sketch typical applications 相似文献
3.
Jajodia S. Mutchler D. 《IEEE transactions on pattern analysis and machine intelligence》1989,15(1):39-46
A consistency control algorithm is described for managing replicated files in the face of network partitioning due to node or communication link failures. It adopts a pessimistic approach in that mutual consistency among copies of a file is maintained by permitting files to be accessed only in a single partition at any given time. The algorithm simplifies the Davcev-Burkhard dynamic voting algorithm (1985) and also improves its availability by adding the notion of linearly ordered copies. A proof that any pessimistic algorithm with fresh reads is one-copy serializable is given 相似文献
4.
Detecting VoIP Floods Using the Hellinger Distance 总被引:1,自引:0,他引:1
Sengar H. Haining Wang Wijesekera D. Jajodia S. 《Parallel and Distributed Systems, IEEE Transactions on》2008,19(6):794-805
Voice over IP (VoIP), also known as Internet telephony, is gaining market share rapidly and now competes favorably as one of the visible applications of the Internet. Nevertheless, being an application running over the TCP/IP suite, it is susceptible to flooding attacks. If flooded, as a time-sensitive service, VoIP may show noticeable service degradation and even encounter sudden service disruptions. Because multiple protocols are involved in a VoIP service and most of them are susceptible to flooding, an effective solution must be able to detect and overcome hybrid floods. As a solution, we offer the VoIP flooding detection system (vFDS)-an online statistical anomaly detection framework that generates alerts based on abnormal variations in a selected hybrid collection of traffic flows. It does so by viewing collections of related packet streams as evolving probability distributions and measuring abnormal variations in their relationships based on the Hellinger distance-a measure of variability between two probability distributions. Experimental results show that vFDS is fast and accurate in detecting flooding attacks, without noticeably increasing call setup times or introducing jitter into the voice streams. 相似文献
5.
Solving multi-granularity temporal constraint networks 总被引:6,自引:0,他引:6
Many problems in scheduling, planning, and natural language understanding have been formulated in terms of temporal constraint satisfaction problems (TCSP). These problems have been extensively investigated in the AI literature providing effective solutions for some fragments of the general model. Independently, there has been an effort in the data and knowledge management research community for the formalization of the concept of time granularity and for its applications. This paper considers a framework for integrating the notion of time granularity into TCSP, and investigates the problems of consistency and network solution, which, in this context, involve complex manipulation of the periodic sets representing time granularities. A sound and complete algorithm for consistency checking and for deriving a solution is presented. The paper also investigates the algorithm's computational complexity and several optimization techniques specific to the multi-granularity context. An application to e-commerce workflows illustrates the benefits of the framework and the need for specific reasoning tools. 相似文献
6.
Privacy in geo-social networks: proximity notification with untrusted service providers and curious buddies 总被引:2,自引:0,他引:2
Sergio Mascetti Dario Freni Claudio Bettini X. Sean Wang Sushil Jajodia 《The VLDB Journal The International Journal on Very Large Data Bases》2011,20(4):541-566
A major feature of the emerging geo-social networks is the ability to notify a user when any of his friends (also called buddies)
happens to be geographically in proximity. This proximity service is usually offered by the network itself or by a third party service provider (SP) using location data acquired from the
users. This paper provides a rigorous theoretical and experimental analysis of the existing solutions for the location privacy
problem in proximity services. This is a serious problem for users who do not trust the SP to handle their location data and
would only like to release their location information in a generalized form to participating buddies. The paper presents two
new protocols providing complete privacy with respect to the SP and controllable privacy with respect to the buddies. The
analytical and experimental analysis of the protocols takes into account privacy, service precision, and computation and communication
costs, showing the superiority of the new protocols compared to those appeared in the literature to date. The proposed protocols
have also been tested in a full system implementation of the proximity service. 相似文献
7.
Bettini C. Wang X.S. Jajodia S. Lin J.-L. 《Knowledge and Data Engineering, IEEE Transactions on》1998,10(2):222-237
An important usage of time sequences is to discover temporal patterns. The discovery process usually starts with a user specified skeleton, called an event structure, which consists of a number of variables representing events and temporal constraints among these variables; the goal of the discovery is to find temporal patterns, i.e., instantiations of the variables in the structure that appear frequently in the time sequence. The paper introduces event structures that have temporal constraints with multiple granularities, defines the pattern discovery problem with these structures, and studies effective algorithms to solve it. The basic components of the algorithms include timed automata with granularities (TAGs) and a number of heuristics. The TAGs are for testing whether a specific temporal pattern, called a candidate complex event type, appears frequently in a time sequence. Since there are often a huge number of candidate event types for a usual event structure, heuristics are presented aiming at reducing the number of candidate event types and reducing the time spent by the TAGs testing whether a candidate type does appear frequently in the sequence. These heuristics exploit the information provided by explicit and implicit temporal constraints with granularity in the given event structure. The paper also gives the results of an experiment to show the effectiveness of the heuristics on a real data set 相似文献
8.
An extended authorization model for relational databases 总被引:3,自引:0,他引:3
Bertino E. Samarati P. Jajodia S. 《Knowledge and Data Engineering, IEEE Transactions on》1997,9(1):85-101
We propose two extensions to the authorization model for relational databases defined originally by P.G. Griffiths and B. Wade (1976). The first extension concerns a new type of revoke operation, called noncascading revoke operation. The original model contains a single, cascading revoke operation, meaning that when a privilege is revoked from a user, a recursive revocation takes place that deletes all authorizations granted by this user that do not have other supporting authorizations. The new type of revocation avoids the recursive revocation of authorizations. The second extension concerns negative authorization which permits specification of explicit denial for a user to access an object under a particular mode. We also address the management of views and groups with respect to the proposed extensions 相似文献
9.
Atluri V. Jajodia S. Bertino E. 《Knowledge and Data Engineering, IEEE Transactions on》1997,9(5):697-708
Multilevel security poses many challenging problems for transaction processing. The challenges are due to the conflicting requirements imposed by confidentiality, integrity, and availability-the three components of security. We identify these requirements on transaction processing in Multilevel Secure (MLS) database management systems (DBMSs) and survey the efforts of a number of researchers to meet these requirements. While our emphasis is primarily on centralized systems based on kernelized architecture, we briefly overview the research in the distributed MLS DBMSs as well 相似文献
10.
Jajodia Sushil Ng Peter A. 《IEEE transactions on pattern analysis and machine intelligence》1984,(6):614-618
In this paper, we study under what conditions will a pairwise inconsistent relational database ≪R,r≫ have a universal/representative instance L. If R is ?-acyclic and r satisfies all existence constraints, then it is possible to construct a universal instance L, using unmarked nulls, whose total projections onto R yield exactly the relations in r. We show that L would actually be a representative instance under a set of functional dependencies if R satisfies the additional mild condition: for any functional dependency X ? A where A is a single attribute, whenever XA is contained in two relation schemes R and R' of R, it follows that R ?R' is a relation scheme of R, having X as one of its keys. 相似文献