Towards scalable intrusion detection

Network Security

Volumn 2009, Issue 6, 2009, Pages 12-16

  Shaikh, Siraj A ^a   Chivers, Howard ^a   Nobles, Philip ^a   Clark, John A ^b   Chen, Hao ^b  

^a CRANFIELD UNIVERSITY   (United Kingdom)

^b UNIVERSITY OF YORK   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

INTRUSION DETECTION SYSTEMS;

COMPUTER CRIME;

INTRUSION DETECTION;

EID: 67649419077     PISSN: 13534858     EISSN: None     Source Type: Trade Journal    
DOI: 10.1016/S1353-4858(09)70064-9     Document Type: Article

References (31)

1. Mark Allman, Vern Paxson, and Jeff Terrell. A brief history of scanning. In Constantine Dovrolis and Matthew Roughan, editors, Proceedings of the 7th ACM SIGCOMM Conference on Internet Measurement 2007, San Diego, California, USA, October 2426, 2007, pages 77-82. ACM, 2007.
2. S. Antonatos, M. Athanatos, G. Kondaxis, J. Velegrakis, N. Hatzibodozis, S. Ioannidis, and E.P. Markatos. Honey@home: A new approach to largescale threat monitoring. Information Security Threats Data Collection and Sharing, WOMBAT Workshop on, 0:3-16, 2008.
3. Rebecca Bace. Chapter 4. analysis schemes.
4. Hao Chen, John A. Clark, Siraj A. Shaikh, Howard Chivers, and Philip Nobles. Searching for Optimal IDS Sensor Placement. Under Review.
5. Howard Chivers, John A. Clark and PauChen Cheng. Risk Profiles and Distributed Risk Assessment. Computers & Security. To Appear.
6. Howard Chivers, Siraj. A. Shaikh, Philip Nobles, John A. Clark, and Hao Chen. Accumulating evidence of insider attacks. The First International Workshop on Managing Insider Security Threats, held in conjunction with Third IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2009), West Lafayette, USA, June 15-19, 2009. To Appear.
7. Holger Dreger, Anja Feldmann, Vern Paxson, and Robin Sommer. Operational experiences with high-volume network intrusion detection. In Vijayalakshmi Atluri, Birgit Pfitzmann, and Patrick Drew McDaniel, editors, Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS 2004, Washingtion, DC, USA, October 2529, 2004, pages 2-11, ACM, 2004.
8. Holger Dreger, Anja Feldmann, Vern Paxson, and Robin Sommer. Predicting the resource consumption of network intrusion detection systems. In Richard Lippmann, Engin Kirda, and Ari Trachtenberg, editors, Recent Advances in Intrusion Detection, 11th International Symposium, RAID 2008, Cambridge, MA, USA, September 1517, 2008. Proceedings, volume 5230 of Lecture Notes in Computer Science, pages 135-154. Springer, 2008.
9. Carrie Gates, Joshua J. McNutt, Joseph B. Kadane, and Marc I. Kellner. Scan detection on very large networks using logistic regression modeling. Computers and Communications, IEEE Symposium on, 0:402-408, 2006.
10. Gleave S. The mechanics of lawful interception. Network Security 5 2007 (May 2007) 8-11
11. Jose M. González, Vern Paxson, and Nicholas Weaver. Shunting: a hardware/software architecture for flexible, high-performance network intrusion prevention. In Peng Ning, Sabrina De Capitani di Vimercati, and Paul F. Syverson, editors, Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, Virginia, USA, October 2831, 2007, pages 139-149. ACM, 2007.
12. Kyle Ingols, Richard Lippmann, and Keith Piwowarski. Practical attack graph generation for network defense. In 22nd Annual Computer Security Applications Conference, 2006. ACSAC '06, pages 121-130, 2006.
13. Somesh Jha, Oleg Sheyner, and Jeannette M. Wing. Two formal analyses of attack graphs. In Proceedings of the 15th IEEE workshop on Computer Security Foundations, pages 49-63. IEEE Computer Society, June 2002.
14. Kerschbaum F., Spafford E.H., and Zamboni D. Using internal sensors and embedded detectors for intrusion detection. Journal of Computer Security 10 1/2 (2002) 23-70
15. Christopher Kruegel, Fredrik Valeur, Giovanni Vigna, and Richard Kemmerer. Stateful Intrusion Detection for High-Speed Networks. In Proceedings of the IEEE Symposium on Security and Privacy, pages 285-293, Oakland, CA, May 2002. IEEE Press.
16. R. P. Lippmann and K. W. Ingols. An annotated review of past papers on attack graphs. Technical Report ESCTR2005054, MIT Lincoln Laboratory, Lexington, MA, 2005.
17. Ruoming Pang, Vinod Yegneswaran, Paul Barford, Vern Paxson, and Larry L. Peterson. Characteristics of internet background radiation. In Alfio Lombardo and James F. Kurose, editors, Proceedings of the 4th ACM SIGCOMM Conference on Internet Measurement 2004, Taormina, Sicily, Italy, October 2527, 2004, pages 27-40. ACM, 2004.
18. V. Paxson, K. Asanovic, S. Dharmapurikar, J. Lockwood, R. Pang, R. Sommer, and N. Weaver. Rethinking hardware support for network analysis and intrusion prevention. In Proceedings of the 1st USENIX Workshop on Hot Topics in Security, July 31st 2006, pages 63-68, 2006.
19. R. Sekar, Y. Guang, S. Verma, and T. Shanbhag. A high-performance network intrusion detection system. In ACM Conference on Computer and Communications Security, pages 8-17. ACM Press, 1999.
20. Siraj A. Shaikh, Howard Chivers, Philip Nobles, Hao Chen, and John A. Clark. A deployment value model for intrusion detection sensors. The 3rd International Conference on Information Security and Assurance, June 25-27, 2009, Seoul, Korea. Volume 5576 of the LNCS. Pages 250259. Springer.
21. Shaikh S.A., Chivers H., Nobles P., Clark J.A., and Chen H. Characterising intrusion detection sensors. Network Security 2008 9 (September 2008) 10-12
22. Staniford S., Hoagland J.A., and McAlerney J.M. Practical automated detection of stealthy portscans. Journal of Computer Security 10 1/2 (2002) 105-136
23. Stuart Staniford, Vern Paxson, and Nicholas Weaver. How to 0wn the internet in your spare time. In Proceedings of the 11th USENIX Security, pages 149-167. USENIX Association, 2002.
24. th May 2007, collocated with BSDCan 2007, Ottawa, Canada, 2007.
25. Ulf E. Larson, Stefan Lindkog, Dennis K. Nilsson and Erland Jonsson. OperatorCentric and Adaptive Intrusion Detection. Proceedings of the 2008 Fourth International Conference on Information Assurance and Security. Pages 161166. IEEE Computer Society.
26. Noel S., and Jajodia S. Optimal ids sensor placement and alert prioritization using attack graphs. Journal of Network and Systems Management 16 3 (September 2008) 259-275
27. M. Rolando, M. Rossi, N. Sanarico, and D. Mandrioli. A formal approach to sensor placement and configuration in a network intrusion detection system. In Proceedings of the 2006 International Workshop on Software Engineering for Systems, pages 65-71. ACM Press, May 2006.
28. O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. M. Wing. Automated generation and analysis of attack graphs. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 273-284, May 2002.
29. R. W. Ritchey and P. Ammann. Using model checking to analyze network vulnerabilities. In IEEE Symposium on Security and Privacy, pages 156-165. IEEE Computer Society, 2000.
30. V. Mehta, C. Bartzis, H. Zhu, E. Clarke, and J. Wing. Ranking attack graphs. In Proceedings of Recent Advances in Intrusion Detection, volume LNCS 4219, pages 127-144, 2006.
31. X. Ou, W. F. Boyer, and M. A. McQueen. A scalable approach to attack graph generation. In CCS '06: Proceedings of the 13th ACM conference on Computer and communications security, pages 336-345. ACM, 2006.