Abstract. Audit trail patterns generated on behalf of a Unix process can be used to model the process behavior. Most of the approaches proposed so far use a table of fixed-length patterns to represent the process model. However, variable-length patterns seem to be more naturally suited to model the process behavior, but they are also more difficult to construct. In this paper, we present a novel technique to build a table of variable-length patterns. This technique is based on Teiresias, an algorithm initially developed for discovering rigid patterns in unaligned biological sequences. We evaluate the quality of our technique in a testbed environment, and compare it with the intrusion-detection system proposed by Forrest et al. [8], which is based on fixed-length patterns. The results achieved with our novel method are significantly better than those obtained with the original method based on fixed-length patterns.
Security-conscious enterprises understand that managing Information Technology (IT) Security Risk is the critical element of their business resilience strategy. Lack of proper IT security controls places the entire enterprise at great risk. In the current business landscape, IT security mechanisms are not (directly or indirectly) correlated to business objectives. This lack of a direct link makes it difficult to determine the right level of IT security to be employed by an organization and near impossible to justify investment levels in IT security controls. In this paper, we articulate a paradigm for managing enterprise security called the Data Centric Security Model (DCSM), which puts IT policy making in the hands of the corporate executives, so that security decisions can be directly executed without the diluting effect of interpretation at different levels of the infrastructure and with the benefit of seeing direct correlation between business objective and security mechanism. Our articulation of the DCSM vision is a starting point for discussion and provides a rich platform for research into Business-Driven Security Management.
Corporate decision makers have normally been disconnected from the details of the security management infrastructures of their organizations. The management of security resources has traditionally been the domain of a small group of skilled and technically savvy professionals, who report to the executive team. As threats become more prevalent, attackers get smarter and the infrastructure required to secure corporate assets becomes more complex, the communication gap between the decision makers and the implementers has widened. The risk of misinterpretation of corporate strategy into technical safe controls also increases with the above-mentioned trends. In parallel to this phenomenon, it can be observed that business and technology factors are making traditional paradigms of computer security obsolete:
* Integration or federation opens enterprises to their partners and to attacks and fraud originating from their networks.
* Resource sharing, componentization and virtualization reduce barriers that once protected applications from each other.
* Provisioning engines and centralized directories (e.g.