NADIR (Network Anomaly Detection and Intrusion Reporter): A prototype network intrusion detection system
Conference · OSTI ID:6192985
The Network Anomaly Detection and Intrusion Reporter (NADIR) is an expert system intended to provide real-time security auditing for intrusion and misuse detection at Los Alamos National Laboratory's Integrated Computing Network (ICN). It is based on three basic assumptions: (1) that statistical analysis of computer system and user activities may be used to characterize normal system and user behavior and that, given the resulting statistical profiles, behavior that deviates beyond certain bounds can be detected; (2) that expert system techniques can be applied to security auditing and intrusion detection; and (3) that successful intrusion detection may take place while monitoring a limited set of network activities, such as user authentication and access control, file movement and storage, and job scheduling. NADIR has been developed to employ these basic concepts while monitoring the audited activities of more than 8000 ICN users.
- Research Organization:
- Los Alamos National Lab., NM (USA)
- Sponsoring Organization:
- DOE; USDOE, Washington, DC (USA)
- DOE Contract Number:
- W-7405-ENG-36
- OSTI ID:
- 6192985
- Report Number(s):
- LA-UR-90-3726; CONF-910596--1; ON: DE91004823
- Country of Publication:
- United States
- Language:
- English
Similar Records
NADIR: A prototype system for detecting network and file system abuse
A phased approach to network intrusion detection
Conference · Thu Oct 01 00:00:00 EDT 1992 · OSTI ID:10187351
NADIR: A prototype system for detecting network and file system abuse
Conference · Tue Dec 31 23:00:00 EST 1991 · OSTI ID:6995511
A phased approach to network intrusion detection
Conference · Mon Dec 31 23:00:00 EST 1990 · OSTI ID:6036778