IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Use of Reconnaissance Patterns for Intelligent Monitoring Model

Use of Reconnaissance Patterns for Intelligent Monitoring Model
View Free PDF
Author(s): Mariana Hentea (Southwestern Oklahoma State University, USA)
Copyright: 2005
Pages: 4
Source title: Managing Modern Organizations Through Information Technology
Source Editor(s): Mehdi Khosrow-Pour (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59140-822-2.ch039

Abstract

The increasing number of computer security attacks and intrusions affect organizations around the globe. This situation made security event management become mainstream important. One method called reconnaissance is used by hackers to choose networks and domains to search for targets before an attack. Reconnaissance allows a hacker to identify targets to be attacked or used for launching attacks. The targets are systems or networks with vulnerabilities. In order to protect against potential attackers, it is necessary to understand their reconnaissance methods and reasons. For example, by knowing the hacker’s reconnaissance targets, network administrators and security staff can verify the targets and improve the security of the targets or the network. However monitoring and analysis of hacker’s reconnaissance patterns has to be done correctly and continuously to determine the impact they may have on the security management. Network administrators need automated and effective techniques for recognizing and analysis of the reconnaissance patterns. The paper discusses a method for intelligent monitoring of the reconnaissance patterns, identification, and selection of hacker’s reconnaissance patterns to be used as inputs to the security event management model.

Body Bottom