A Revised Taxonomy of Data Collection Mechanisms with a Focus on Intrusion Detection

March 04-March 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ARES.2008.38

2008 Third International Conference o ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ulf Larson Articles by Erland Jonsson Articles by Stefan Lindskog

	ASCII Text	x
	Ulf Larson, Erland Jonsson, Stefan Lindskog, "A Revised Taxonomy of Data Collection Mechanisms with a Focus on Intrusion Detection," Availability, Reliability and Security, International Conference on, pp. 624-629, 2008 Third International Conference on Availability, Reliability and Security, 2008.

	BibTex	x
	@article{ 10.1109/ARES.2008.38, author = {Ulf Larson and Erland Jonsson and Stefan Lindskog}, title = {A Revised Taxonomy of Data Collection Mechanisms with a Focus on Intrusion Detection}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3102-1}, pages = {624-629}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2008.38}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - A Revised Taxonomy of Data Collection Mechanisms with a Focus on Intrusion Detection SN - 978-0-7695-3102-1 SP624 EP629 A1 - Ulf Larson, A1 - Erland Jonsson, A1 - Stefan Lindskog, PY - 2008 KW - Taxonomy KW - Intrusion detection KW - Data collection VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Ulf Larson

Erland Jonsson

Stefan Lindskog

Surprisingly few data collection mechanisms have been used for intrusion detection, and most systems rely on network and system call data as input to the detection engine. Even though the quality of log data is vital to the detection process and heavily dependent on the collection mechanism, no extensive survey or taxonomy has beenconducted within the detection field. In this paper, we propose a revised taxonomy which provides a unified terminology and a framework in which data collection mechanisms can be systematically inspected, evaluated, and compared. Since the taxonomy is derived from existing mechanisms, it also provides a useful overview of different types of mechanisms. The paper also suggests areas within data collection where additional work is required.

Index Terms:

Taxonomy, Intrusion detection, Data collection

Citation:

Ulf Larson, Erland Jonsson, Stefan Lindskog, "A Revised Taxonomy of Data Collection Mechanisms with a Focus on Intrusion Detection," ares, pp.624-629, 2008 Third International Conference on Availability, Reliability and Security, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.