Planning for security management

TL;DR: Results indicate this system has significant potential for revealing anomalies in large network systems, and is decomposed into a network sensing device, a real-time processing component and a forensics component.

TL;DR: The system presented in this paper is a database system designed and implemented for monitoring the network traffic and capable to discover various operational patterns, provide sensible advices, and support the network planning activity.

TL;DR: In this paper, the authors present a design science project that addresses security management in cross-organizational settings based on a sequence of empirical studies involving interviews and an online survey, analyzing critical activities associated with security management from the perspective of service providers and auditors.

TL;DR: Within the SOCS (Societies Of ComputeeS) project, a language based on abductive semantics has been proposed as a mean to define interactions in open societies as discussed by the authors, which allows the designer to define open, extensible and not over-constrained protocols.

TL;DR: This survey of CLP is to give a systematic description of the major trends in terms of common fundamental concepts and the three main parts cover the theory, implementation issues, and programming for applications.

TL;DR: The use of automated tools for detecting computer system intrusion are described and further technologies that may be of use for intrusion detection in the future are described.

TL;DR: Haystack is a prototype system for the detection of intrusions in multiuser US Air Force computer systems that reduces voluminous system audit trails to short summaries of user behavior, anomalous events, and security incidents.

TL;DR: This work extends the BURIDAN probabilistic planning algorithm, adapting the action representation to model the behavior of imperfect sensors, and combines it with a framework for contingent action that extends the CNLP algorithm for conditional execution.