SRI Logo
About Us|R and D Divisions|Careers|Newsroom|Contact Us|SRI Home
  SRI Logo

Application-Integrated Data Collection for Security Monitoring
 by Dr. Ulf Lindqvist & Magnus Almgren.

From Recent Advances in Intrusion Detection (RAID 2001).
Springer, Davis, California.
October, 2001.
Pages 22–36.

This paper describes a new approach to collecting real-time transaction information from a server application and forwarding the data to an intrusion detection system. While the few existing application-based intrusion detection systems tend to read log files, the proposed application-integrated approach uses a module coupled with the application to extract the desired information. The paper describes the advantages of this approach in general, and how it complements traditional network-based and host-based data collection methods. The most compelling benefit is the ability to monitor transactions that are encrypted when transported to the application and therefore not visible to network traffic monitors. Further benefits include full insight into how the application interprets the transaction, and data collection that is independent of network line speed. To evaluate the proposed approach, we designed and implemented a data-collection module for the Apache Web server. Our experiments showed that the required implementation effort was moderate, that existing communication and analysis components could be used without incurring adaptation costs, and that the performance impact on the Web server is tolerable.
BibTEX Entry
    AUTHOR = {Magnus Almgren and Ulf Lindqvist},
    TITLE = {Application-Integrated Data Collection for Security Monitoring},
    BOOKTITLE = {Recent Advances in Intrusion Detection (RAID 2001)},
    YEAR = {2001},
    SERIES = {{LNCS}},
    PAGES = {22-36},
    ADDRESS = {Davis, California},
    MONTH = {October},
    PUBLISHER = {Springer},
    URL = {}


About Us  |  R&D Divisions  |  Careers  |  Newsroom  |  Contact Us
© 2024 SRI International 333 Ravenswood Avenue, Menlo Park, CA 94025-3493
SRI International is an independent, nonprofit corporation. Privacy policy