ToLeRating UR-STD

Feyereisl, Jan and Aickelin, Uwe (2008) ToLeRating UR-STD. In: 2nd International Conference on Emerging Security Information, Systems and Technologies, August 25-31, 2008, Cap Esterel, France.

[img] PDF (ToLeRating UR-STD) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (188kB)

Abstract

A new emerging paradigm of Uncertain Risk of Suspicion, Threat and Danger, observed across the field of information security, is described. Based on this paradigm a novel approach to anomaly detection is presented. Our approach is based on a simple yet powerful analogy from

the innate part of the human immune system, the Toll-Like Receptors. We argue that such receptors incorporated as part of an anomaly detector enhance the detector’s ability to distinguish normal and anomalous behaviour. In addition we propose that Toll-Like Receptors enable the classification of detected anomalies based on the types of attacks that perpetrate the anomalous behaviour. Classification of such type is either missing in existing literature or is not fit for the purpose of reducing the burden of an administrator of an intrusion detection system. For our model to work, we propose the creation of a taxonomy of the digital Acytota, based on which our receptors are created.

Item Type: Conference or Workshop Item (Paper)
Schools/Departments: University of Nottingham UK Campus > Faculty of Science > School of Computer Science
Depositing User: Aickelin, Professor Uwe
Date Deposited: 20 Nov 2008 15:13
Last Modified: 20 Nov 2008 15:13
URI: http://eprints.nottingham.ac.uk/id/eprint/984

Actions (Archive Staff Only)

Edit View Edit View