A Structured Approach to Selecting Data Collection Mechanisms for Intrusion Detection
Book chapter, 2011

This chapter aims to provide a clear and concise picture of data collection for intrusion detection. It gives a detailed explanation of the components of a generic data collection mechanism and their interaction with the environment, from initial triggering to the output of log data records. Taxonomies of mechanism characteristics and deployment considerations are presented and discussed, followed by guidelines and hints for mechanism selection and deployment. The guidelines are intended to assist intrusion detection system developers, designers, and operators in selecting mechanisms for resource-efficient data collection.

computer systems

data collection

intrusion detection

IT security

Authors

Ulf Larson

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Erland Jonsson

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Stefan Lindskog

Norwegian University of Science and Technology (NTNU)

Karlstad University

Privacy, Intrusion Detection, and Response: Technologies for Protecting Networks

1-39

Areas of Advance

Information and Communication Technology

Transport

Subject Categories (SSIF 2011)

Computer Science

DOI

10.4018/978-1-60960-836-1

More information

Latest update

8/19/2025