Sciweavers

RAID
2004
Springer
14 years 2 months ago
On the Design and Use of Internet Sinks for Network Abuse Monitoring
Abstract. Monitoring unused or dark IP addresses offers opportunities to significantly improve and expand knowledge of abuse activity without many of the problems associated with ...
Vinod Yegneswaran, Paul Barford, David Plonka
RAID
2004
Springer
14 years 2 months ago
Anomalous Payload-Based Network Intrusion Detection
We present a payload-based anomaly detector, we call PAYL, for intrusion detection. PAYL models the normal application payload of network traffic in a fully automatic, unsupervised...
Ke Wang, Salvatore J. Stolfo
RAID
2004
Springer
14 years 2 months ago
Attack Analysis and Detection for Ad Hoc Routing Protocols
Abstract. Attack analysis is a challenging problem, especially in emerging environments where there are few known attack cases. One such new environment is the Mobile Ad hoc Networ...
Yi-an Huang, Wenke Lee
RAID
2004
Springer
14 years 2 months ago
Detecting Unknown Massive Mailing Viruses Using Proactive Methods
The detection of unknown viruses is beyond the capability of many existing virus detection approaches. In this paper, we show how proactive customization of system behaviors can be...
Ruiqi Hu, Aloysius K. Mok
RAID
2004
Springer
14 years 2 months ago
Symantec Deception Server Experience with a Commercial Deception System
This paper provides an examination of an emerging class of security mechanisms often referred to as deception technologies or honeypots. It is based on our experience over the last...
Brian Hernacki, Jeremy Bennett, Thomas Lofgren
RAID
2004
Springer
14 years 2 months ago
Formal Reasoning About Intrusion Detection Systems
We present a formal framework for the analysis of intrusion detection systems (IDS) that employ declarative rules for attack recognition, e.g. specification-based intrusion detect...
Tao Song, Calvin Ko, Jim Alves-Foss, Cui Zhang, Ka...
RAID
2004
Springer
14 years 2 months ago
RheoStat: Real-Time Risk Management
As the frequency of attacks faced by the average host connected to the Internet increases, reliance on manual intervention for response is decreasingly tenable. Operating system an...
Ashish Gehani, Gershon Kedem
RAID
2004
Springer
14 years 2 months ago
Fast Detection of Scanning Worm Infections
Worm detection and response systems must act quickly to identify and quarantine scanning worms, as when left unchecked such worms have been able to infect the majority of vulnerabl...
Stuart E. Schechter, Jaeyeon Jung, Arthur W. Berge...
RAID
2004
Springer
14 years 2 months ago
HoneyStat: Local Worm Detection Using Honeypots
Worm detection systems have traditionally used global strategies and focused on scan rates. The noise associated with this approach requires statistical techniques and large data s...
David Dagon, Xinzhou Qin, Guofei Gu, Wenke Lee, Ju...