Standard number: ISO/IEC TR 15947-2002
Status: Withdrawn
Chinese title: 信息技术.安全技术.信息技术(IT)干扰探测框架
English title: Information technology - Security techniques - IT intrusion detection framework
Publication date: 2002-10
Adopted as: BS ISO/IEC TR 15947-2002, IDT; TS X 0104-2004, IDT; GOST R ISO/IEC TR 13335-5-2006, MOD
Drafting body: ISO/IEC JTC 1
Abstract: This is a Type 3 Technical Report (TR), which defines a framework for detection of intrusions in IT systems. Many classes of intrusions are considered. These include intrusions that are intentional or unintentional, legal or illegal, harmful or harmless and unauthorized access by insiders or outsiders. The TR focuses on:
· establishing common definitions for terms and concepts associated with an IT intrusion detection framework,
· describing a generic model of intrusion detection,
· providing high level examples of attempts to exploit systems vulnerabilities,
· discussing common types of input data and the sources needed for an effective intrusion detection capability,
· discussing different methods and combinations of methods of intrusion detection analysis,
· describing activities/actions in response to indications of intrusions.
This framework explains intrusion detection terms and concepts and describes the relationship among them. Further, the framework addresses possible ordering of intrusion detection tasks and related activities.
This TR provides the basis for a common understanding of intrusion detection. This material aims to assist IT managers to deploy within their organizations Intrusion Detection Systems (IDS) that interact and work together. This TR should facilitate collaboration among organizations across the world where collaboration is desired and/or essential to counter intrusion attempts.
This framework document is not intended to cover every possible detail involved in intrusion detection, such as detailed attack patterns, or statistical anomalies, or the many configurations that an IDS could have.
File format: PDF
File size: 542.64KB
Number of pages: 32
(Information above last updated: 2019-11-23)