SCOPUS 정보 검색 플랫폼

Volumn 3548, Issue Detection of Intrusions and Malware, and Vulnerability Assessment: Second International Conference, DIMVA 2005. Proceedings, 2005, Pages 206-221

Enhancing the accuracy of network-based intrusion detection with host-based context

(4) Dreger, Holger a Kreibich, Christian b Paxson, Vern c Sommer, Robin a

a TECHNICAL UNIVERSITY OF MUNICH (Germany)

b UNIVERSITY OF CAMBRIDGE (United Kingdom)

c LAWRENCE BERKELEY NATIONAL LABORATORY (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTATIONAL COMPLEXITY; COMPUTER NETWORKS; HTTP; PROBLEM SOLVING; TELECOMMUNICATION TRAFFIC;

INTRUSION DETECTION; NETWORK-BASED SYSTEMS; TRAFFIC ANALYSIS;

SECURITY OF DATA;

EID: 26444591908 PISSN: 03029743 EISSN: None Source Type: Conference Proceeding
DOI: 10.1007/11506881_13 Document Type: Conference Paper

Times cited : (21)

References (26)

1
- 0004145058
- Insertion, evasion, and denial of service: Eluding network intrusion detection
- Secure Networks, Inc.
- Ptacek, T.H., Newsham, T.N.: Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection. Technical report, Secure Networks, Inc. (1998)
- (1998) Technical Report
- Ptacek, T.H.¹ Newsham, T.N.²

2
- 85084160972
- Network intrusion detection: Evasion, traffic normalization, and end-to-end protocol semantics
- Handley, M., Kreibich, C., Paxson, V.: Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics. In: Proc. 10th USENIX Security Symposium. (2001)
- (2001) Proc. 10th USENIX Security Symposium
- Handley, M.¹ Kreibich, C.² Paxson, V.³

3
- 84899126047
- Active mapping: Resisting NIDS evasion without altering traffic
- Shankar, U., Paxson, V.: Active Mapping: Resisting NIDS Evasion Without Altering Traffic. In: Proc. IEEE Symposium on Security and Privacy. (2003)
- (2003) Proc. IEEE Symposium on Security and Privacy
- Shankar, U.¹ Paxson, V.²

4
- 0002629036
- EMERALD: Event monitoring enabling responses to anomalous live disturbances
- Baltimore, MD
- Porras, P.A., Neumann, P.G.: EMERALD: Event monitoring enabling responses to anomalous live disturbances. In: National Information Systems Security Conference, Baltimore, MD (1997)
- (1997) National Information Systems Security Conference
- Porras, P.A.¹ Neumann, P.G.²

5
- 0002067431
- Netstat: A network-based intrusion detection system
- Vigna, G., Kemmerer, R.A.: Netstat: A network-based intrusion detection system. Journal of Computer Security 7 (1999) 37-71
- (1999) Journal of Computer Security , vol.7 , pp. 37-71
- Vigna, G.¹ Kemmerer, R.A.²

6
- 0034300682
- Intrusion detection using autonomous agents
- Spafford, E.H., Zamboni, D.: Intrusion Detection Using Autonomous Agents. Computer Networks 34 (2000) 547-570
- (2000) Computer Networks , vol.34 , pp. 547-570
- Spafford, E.H.¹ Zamboni, D.²

7
- 0033295259
- Bro: A system for detecting network intruders in real-time
- Paxson, V.: Bro: A System for Detecting Network Intruders in Real-Time. Computer Networks 31 (1999)
- (1999) Computer Networks , vol.31
- Paxson, V.¹

8
- 0037886264
- Application-integrated data collection for security monitoring
- Lecture Notes in Computer Science, Springer-Verlag
- Almgren, M., Lindqvist, U.: Application-Integrated Data Collection for Security Monitoring. In: Proc. of Recent Advances in Intrusion Detection (RAID). Lecture Notes in Computer Science, Springer-Verlag (2001)
- (2001) Proc. of Recent Advances in Intrusion Detection (RAID)
- Almgren, M.¹ Lindqvist, U.²

9
- 26444567950
- Interfacing trusted applications with intrusion detection systems
- Lecture Notes in Computer Science, Springer-Verlag
- Welz, M., Hutchison, A.: Interfacing Trusted Applications with Intrusion Detection Systems. In: Proc. of Recent Advances in Intrusion Detection (RAID). Lecture Notes in Computer Science, Springer-Verlag (2001)
- (2001) Proc. of Recent Advances in Intrusion Detection (RAID)
- Welz, M.¹ Hutchison, A.²

10
- 14844305634
- Exploiting independent state for network intrusion detection
- TU München
- Sommer, R., Paxson, V.: Exploiting Independent State For Network Intrusion Detection. Technical Report TUM-I0420, TU München (2004)
- (2004) Technical Report , vol.TUM-I0420
- Sommer, R.¹ Paxson, V.²

11
- 78249258562
- Policy-controlled event management for distributed intrusion detection
- Kreibich, G., Sommer, R.: Policy-controlled Event Management for Distributed Intrusion Detection. In: Proc. 4th International Workshop on Distributed Event-Based Systems. (2005)
- (2005) Proc. 4th International Workshop on Distributed Event-based Systems
- Kreibich, G.¹ Sommer, R.²

12
- 14844324904
- Enhancing byte-level network intrusion detection signatures with context
- Sommer, R., Paxson, V.: Enhancing Byte-Level Network Intrusion Detection Signatures with Context. In: Proc. 10th ACM Conference on Computer and Communications Security. (2003)
- (2003) Proc. 10th ACM Conference on Computer and Communications Security
- Sommer, R.¹ Paxson, V.²

13
- 84861264923
- Broccoli: The Bro Client Communications Library
- Broccoli: The Bro Client Communications Library. http://www.cl. cam.ac.uk/~cpk25/broccoli/

14
- 85090433665
- Snort: Lightweight intrusion detection for networks
- Roesch, M.: Snort: Lightweight Intrusion Detection for Networks. In: Proc. 13th Systems Administration Conference (LISA). (1999) 229-238
- (1999) Proc. 13th Systems Administration Conference (LISA) , pp. 229-238
- Roesch, M.¹

15
- 2342577744
- Addison Wesley Professional
- Hoglund, G., McGraw, G.: Exploiting Software: How to Break Code. Addison Wesley Professional (2004)
- (2004) Exploiting Software: How to Break Code
- Hoglund, G.¹ McGraw, G.²

16
- 21244454934
- Uniform Resource Identifiers (URI): Generic syntax (1998)
- Berners-Lee, T., Fielding, R., Irvine, U., Masinter, L. Uniform Resource Identifiers (URI): Generic Syntax (1998) RFC 2396.
- RFC , vol.2396
- Berners-Lee, T.¹ Fielding, R.² Irvine, U.³ Masinter, L.⁴

17
- 84861255789
- Roelker, D.J. HTTP IDS Evasions Revisited. http://www.sourcefire.com/ products/downloads/secured/sf_HTTP_IDS_evasio ns.pdf (2004)
- (2004) HTTP IDS Evasions Revisited
- Roelker, D.J.¹

18
- 84861270711
- Internet Security Systems Security Alert Multiple Vendor IDS Unicode Bypass Vulnerability. http://xforce.iss.net/xforce/alerts/id/advise95 (2001)
- (2001) Internet Security Systems Security Alert Multiple Vendor IDS Unicode Bypass Vulnerability

19
- 84861260353
- CVE-2001-0333
- CVE-2001-0333. http://www.cve.mitre.org/cgi-bin/cvename.cgi? name=CVE-2000-0884 (2001)
- (2001)

20
- 14844312929
- Operational experiences with high-volume network intrusion detection
- Dreger, H., Feldmann, A., Paxson, V., Sommer, R.: Operational Experiences with High-Volume Network Intrusion Detection. In: Proc. 11th ACM Conference on Computer and Communications Security. (2004)
- (2004) Proc. 11th ACM Conference on Computer and Communications Security
- Dreger, H.¹ Feldmann, A.² Paxson, V.³ Sommer, R.⁴

21
- 84861264924
- libwhisker
- libwhisker. http://www.wiretrip.net/rfp

22
- 10444227706
- Puppy, R.F. A Look At Whisker's Anti-IDS Tactics. http://www. wiretrip.net/rfp/pages/whitepapers/whiskerids.html (1999)
- (1999) A Look at Whisker's Anti-IDS Tactics
- Puppy, R.F.¹

23
- 84861264920
- Nikto. http://www.cirt.net/code/nikto.shtml

24
- 84861260352
- URL encoder
- Roelker, D.J. URL encoder. http://code.idsresearch.org/encoder.c
- Roelker, D.J.¹

25
- 0003084683
- Httperf - A tool for measuring web server performance
- Madison, WI
- Mosberger, D., Jin, T.: httperf - A Tool For Measuring Web Server Performance. In: Proc. of the First Workshop on Internet Server Performance (WISP '98), Madison, WI. (1998) 59-67
- (1998) Proc. of the First Workshop on Internet Server Performance (WISP '98) , pp. 59-67
- Mosberger, D.¹ Jin, T.²

26
- 84861268857
- mod_benchmark Apache plugin. http://www.trickytools.com/php/ mod_benchmark.php
- Mod_benchmark Apache Plugin

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.