FLIPS: Hybrid adaptive intrusion prevention

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 3858 LNCS, Issue , 2006, Pages 82-101

  Locasto, Michael E ^a   Wang, Ke ^a   Keromytis, Angelos D ^a   Stolfo, Salvatore J ^a  

^a Mailcode 0401 ^*  (United States)

Author keywords

Adaptive Response; Intrusion Prevention; Intrusion Tolerance

Indexed keywords

ADAPTIVE RESPONSE; FEEDBACK LEARNING IPS (FLIPS); INSTRUCTION SET RANDOMIZATION (ISR); INTRUSION PREVENTION SYSTEM (IPS); INTRUSION TOLERANCE;

ADAPTIVE SYSTEMS; CLASSIFICATION (OF INFORMATION); CODES (SYMBOLS); ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; FEEDBACK; HYBRID COMPUTERS; SECURITY OF DATA; SEMANTICS;

COMPUTER CRIME;

EID: 33745652318     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/11663812_5     Document Type: Conference Paper

References (38)

1. th IEEE International Conference on Networks (ICON), pages 403-408, October 2003.
2. th USENIX Security Symposium, (to appear)., August 2005.
3. th ACM Conference on Computer and Communications Security (CCS), October 2003.
4. th USENIX Security Symposium, pages 105-120, August 2003.
5. S. Boyd and A. Keromytis. SQLrand: Preventing SQL Injection Attacks. In Applied Cryptography and Network Security (ACNS), pages 292-302, June 2004.
6. th Workshop on Hot Topics in Operating Systems (HOTOS-IX), May 2003.
7. F. Cuppens and A. Miege. Alert Correlation in a Cooperative Intrusion Detection Framework. In IEEE Security and Privacy, 2002.
8. st Workshop on Algorithms and Architectures for Self-Managing Systems, June 2003.
9. th Workshop on Hot Topics in Operating Systems, pages 67-72, 1997.
10. M. Handley, V. Paxson, and C. Kreibich. Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics. In Proceedings of the USENIX Security Conference, 2001.
11. th ACM International Conference on Computer and Communications Security (CCS), pages 190-199, November 2000.
12. th ACM Conference on Computer and Communications Security (CCS), October 2003.
13. H.-A. Kim and B. Karp. Autograph: Toward Automated, Distributed Worm Signature Detection. In Proceedings of the USENIX Security Conference, 2004.
14. S. T. King, Z. M. Mao, D. G. Lucchetti, and P. M. Chen. Enriching Intrusion Alerts Through Multi-host Causality, In Proceedings of the Symposium on Network and Distributed Systems Security (NDSS), 2005
15. th USENIX Security Symposium, August 2002.
16. A. Kolesnikov and W. Lee, Advanced Polymorphic Worms: Evading IDS by Blending in with Normal Traffic. Technical report, Georgia Tech College of Computing, 2004
17. C. Krugel, T. Toth, and E. Kirda. Service Specific Anomaly Detection for Network Intrusion Detection. In Proceedings of the ACM Symposium on Applied Computing (SAC), 2002.
18. M. E. Locasto, J. J. Parekh, A. D. Keromytis, and S. J. Stolfo. Towards Collaborative Security and P2P Intrusion Detection. In Proceedings of the IEEE Information Assurance Workshop (IAW), pages 333-339, June 2005.
19. st Workshop on Hot Topics in System Dependability (HotDep-05), June 2005.
20. th Annual Network and Distributed System Security Symposium (NDSS), February 2005.
21. th International Workshop on Recent Advances in Intrusion Detection (RAID), September 1998.
22. T. Pietraszek. Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection. In Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID), September 2004.
23. J. Pincus and B. Baker. Beyond Stack Smashing: Recent Advances in Exploiting Buffer Overflows. IEEE Security & Privacy, 2(4):20-27, July/August 2004.
24. J. C. Rabek, R. I. Khazan, S. M. Lewandowski, and R. K. Cunningham. Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code. In Proceedings of the Workshop on Rapid Malcode (WORM), 2003.
25. th Hawaii International Conference on System Sciences (HICSS), 2003.
26. th Symposium on Operating Systems Design and Implementation (OSDI), December 2004.
27. st Information Security Practice and Experience Conference (ISPEC), April 2005.
28. S. Sidiroglou and A. D. Keromytis. A Network Worm Vaccine Architecture. In Proceedings of the IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE), Workshop on Enterprise Security, pages 220-225, June 2003.
29. S. Sidiroglou, M. E. Locasto, S. W. Boyd, and A. D. Keromytis. Building a Reactive Immune System for Software Services. In Proceedings of the USENIX Annual Technical Conference, pages 149-161, April 2005.
30. S. Singh, C. Estan, G. Varghese, and S. Savage. Automated Worm Fingerprinting. In Proceedings of Symposium on Operating Systems Design and Implementation (OSDI), 2004.
31. th Annual Network and Distributed System Security Symposium, February 2005.
32. th USENIX Security Symposium, August 2000.
33. R. Sommer and V. Paxson. Enhancing Byte-Level Network Intrusion Detection Signatures with Context. In Proceedings of the ACM Conference on Computer and Communications Security (CCS), pages 262-271, 2003.
34. A. Stig, A. Clark, and G. Mohay. Network-based Buffer Overflow Detection by Exploit Code Analysis. In AusCERT Conference, May 2004.
35. S. Stolfo. Worm and Attack Early Warning: Piercing Stealthy Reconnaissance. IEEE Privacy and Security, May/June 2004.
36. G. E. Suh, J. W. Lee, D. Zhang, and S. Devadas. Secure Program Execution Via Dynamic Information Flow Tracking. SIGOPS Operating Systems Review, 38(5):85-96, 2004.
37. T. Toth and C. Kruegel. Accurate Buffer Overflow Detection via Abstract Payload Execution. In Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID), 2002.
38. th International Symposium on Recent Advances in Intrusion Detection (RAID), pages 203-222, September 2004.