Alert correlation is an important technique for managing large the volume of intrusion alerts that are raised by heterogenous Intrusion Detection Systems (IDSs). The recent trend ...
Ptacek and Newsham [14] showed how to evade signature detection at Intrusion Prevention Systems (IPS) using TCP and IP Fragmentation. These attacks are implemented in tools like F...
George Varghese, J. Andrew Fingerhut, Flavio Bonom...
The prevalent use of the signature-based approach in modern intrusion detection systems (IDS) emphasizes the importance of the efficient management of the employed signature sets....
ABSTRACT Intrusion Detection Systems (IDSs) for Mobile Ad hoc NETworks (MANETs) are indispensable since traditional intrusion prevention based techniques are not strong enough to p...
In this paper, we study the impact of today’s IT policies, defined based upon a monoculture approach, on the performance of endhost anomaly detectors. This approach leads to th...