STATL is an extensible state/transition-based attack description language designed to support intrusion detection. The language allows one to describe computer penetrations as seq...
Steve T. Eckmann, Giovanni Vigna, Richard A. Kemme...
Web servers are ubiquitous, remotely accessible, and often misconfigured. In addition, custom web-based applications may introduce vulnerabilities that are overlooked even by the ...
Giovanni Vigna, William K. Robertson, Vishal Kher,...
Intrusion detection systems are fundamentally passive and fail–open. Because their primary task is classification, they do nothing to prevent an attack from succeeding. An intru...
Michael E. Locasto, Ke Wang, Angelos D. Keromytis,...
Society has grown to rely on Internet services, and the number of Internet users increases every day. As more and more users become connected to the network, the window of opportu...
Today’s network intrusion prevention systems (IPSs) must perform increasingly sophisticated analysis—parsing protocols and interpreting application dialogs rather than simply ...