Guidance for Selecting Data Collection Mechanisms for Intrusion Detection
Kapitel i bok, 2014

This chapter aims at providing a clear and concise picture of data collection for intrusion detection. It provides a detailed explanation of generic data collection mechanism components and the interaction with the environment, from initial triggering to output of log data records. Taxonomies of mechanism characteristics and deployment considerations are provided and discussed. Furthermore, guidelines and hints for mechanism selection and deployment are provided. Finally, this chapter presents a set of strategies for determining what data to collect, and it also discusses some of the challenges in the field. An appendix providing a classification of 50 studied mechanisms is also provided. This chapter aims at assisting intrusion detection system developers, designers, and operators in selecting mechanisms for resource efficient data collection.

data collection

computer security

intrusion detection

Författare

Ulf Larson

Ericsson AB

Erland Jonsson

Chalmers, Data- och informationsteknik, Nätverk och system

Stefan Lindskog

Karlstads universitet

Handbook of Research on Emerging Developments in Data Privacy

340-370

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Data- och informationsvetenskap

Datavetenskap (datalogi)

DOI

10.4018/978-1-4666-7381-6

Mer information

Senast uppdaterat

2021-08-26