Publication details

Home Publication details

A conceptual intrusion monitoring architecture and thoughts on practical implementation
Haskell-Dowland PS (Dowland PS), Furnell SM
Proceedings of the World Computer Congress 2000, 21-25 August, 2000
Download links:  Download PDF

The paper presents a conceptual description of the Intrusion Monitoring System (IMS) architecture, which is designed to facilitate detection of system penetration and other anomalous activity in a networked environment. The architecture is based upon eight functional elements, distributed between a monitoring host and a series of monitored client systems. The discussion also considers how the approach could be integrated within the Windows NT environment.

Haskell-Dowland PS (Dowland PS), Furnell SM