基于移动主机的安全和取证的有效报告(ER)

2007 4th IEEE Consumer Communications and Networking Conference Pub Date : 1900-01-01 DOI:10.1109/CCNC.2007.60

G. A. Jacoby, J. S. Ransbottom

{"title":"基于移动主机的安全和取证的有效报告(ER)","authors":"G. A. Jacoby, J. S. Ransbottom","doi":"10.1109/CCNC.2007.60","DOIUrl":null,"url":null,"abstract":"A mobile device's intrusion protection system (IPS) is at odds with itself: it should run as often as necessary and remain transparent to the system and the users; however, it should use as little system resources as possible to detect, report and prevent intrusions. By creating a forensics report that regularly monitors demands placed on battery current (mA) as well as correlating power and event activities, such as processes, open ports, and registry keys, a mobile host-based form of intrusion protection can be easily integrated into virtually any network intrusion detection system (IDS.) This paper outlines a novel design, test and build methodology to generate an effective security profile and an efficient bit-vector reporting format, to provide an enhancement in detecting, alerting and responding to various misuse conditions.","PeriodicalId":166361,"journal":{"name":"2007 4th IEEE Consumer Communications and Networking Conference","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Effective Reporting (ER) for Mobile Host-Based Security and Forensics\",\"authors\":\"G. A. Jacoby, J. S. Ransbottom\",\"doi\":\"10.1109/CCNC.2007.60\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A mobile device's intrusion protection system (IPS) is at odds with itself: it should run as often as necessary and remain transparent to the system and the users; however, it should use as little system resources as possible to detect, report and prevent intrusions. By creating a forensics report that regularly monitors demands placed on battery current (mA) as well as correlating power and event activities, such as processes, open ports, and registry keys, a mobile host-based form of intrusion protection can be easily integrated into virtually any network intrusion detection system (IDS.) This paper outlines a novel design, test and build methodology to generate an effective security profile and an efficient bit-vector reporting format, to provide an enhancement in detecting, alerting and responding to various misuse conditions.\",\"PeriodicalId\":166361,\"journal\":{\"name\":\"2007 4th IEEE Consumer Communications and Networking Conference\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 4th IEEE Consumer Communications and Networking Conference\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CCNC.2007.60\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 4th IEEE Consumer Communications and Networking Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCNC.2007.60","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

移动设备的入侵保护系统(IPS)本身就存在矛盾:它应该尽可能频繁地运行，并对系统和用户保持透明;然而，它应该使用尽可能少的系统资源来检测、报告和防止入侵。通过创建定期监视对电池电流(mA)的需求以及相关电源和事件活动(如进程、开放端口和注册表项)的取证报告，基于移动主机的入侵保护形式可以轻松集成到几乎任何网络入侵检测系统(IDS)中。本文概述了一种新的设计、测试和构建方法，以生成有效的安全配置文件和有效的位矢量报告格式，以增强检测、警报和响应各种误用情况。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Effective Reporting (ER) for Mobile Host-Based Security and Forensics

A mobile device's intrusion protection system (IPS) is at odds with itself: it should run as often as necessary and remain transparent to the system and the users; however, it should use as little system resources as possible to detect, report and prevent intrusions. By creating a forensics report that regularly monitors demands placed on battery current (mA) as well as correlating power and event activities, such as processes, open ports, and registry keys, a mobile host-based form of intrusion protection can be easily integrated into virtually any network intrusion detection system (IDS.) This paper outlines a novel design, test and build methodology to generate an effective security profile and an efficient bit-vector reporting format, to provide an enhancement in detecting, alerting and responding to various misuse conditions.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2007 4th IEEE Consumer Communications and Networking Conference

自引率

0.00%

发文量

期刊最新文献

Utility Constrained Energy Minimization In Aloha Networks Ensuring Cache Freshness in On-Demand Routing Protocols for Mobile Ad Hoc Network: A Cross-layer Framework Fuzzy Logic for Cross-layer Optimization in Cognitive Radio Networks Automated Trustworthiness Management for Database Software Components Combining VoiceXML with CCXML: A Comparative Study