Collaborating against common enemies

Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC

Volumn , Issue , 2005, Pages 365-378

  Katti, Sachin ^a   Krishnamurthy, Balachander ^b   Katabi, Dina ^a  

^a MASSACHUSETTS INSTITUTE OF TECHNOLOGY   (United States)

^b AT AND T LABS RESEARCH   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

INTRUSION DETECTION SYSTEMS; IP ADDRESSS; LARGE DATASET; OFFLINE; REAL TIME;

INTERNET PROTOCOLS;

INTRUSION DETECTION;

EID: 79960561313     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (29)

1. Computer Emergency Readiness Team. http://www.us-cert.gov/.
2. Distributed Intrusion Detection System. http://www.dshield.org/.
3. E. Cooke, M. Bailey, D. Watson, F. Jahanian, and D. McPherson. Towards understanding distributed blackhole placement. In The 2nd Workshop on Rapid Malcode (WORM) Fairfax, Virginia, October 29, 2004.
4. F. Cuppens and A. Miege. Alert correlation in a cooperative intrusion detection framework. In 2002 IEEE Symposium on Security and Privacy.
5. D. Curry and H. Debar. Intrusion detection message exchange format: Extensible markup language (xml) document type definition, 2001.
6. F-SECURE. F-secure virus descriptions: Santy. http://www.f-secure.com/v- descs/santy-a.shtml/.
7. B. Feinstein, G. Matthews, and J. White. The intrusion detection exchange protocol (idxp), 2003.
8. N. Habra, B. L. Charlier, A. Mounji, and I. Mathieu. ASAX: Software architecture and rule-based language for universal audit trail analysis. In ESORICS, 1992.
9. L. T. Heberlein, B. Mukherjee, and K. N. Levitt. Internet security monitor: An intrusion detection system for large-scale networks. In Proceedings of the 15th National Computer Security Conference, 1992.
10. J. Hochberg, K. Jackson, C. Stallings, J. McClary, and J. DuBois, D.and Ford. NADIR: An automated system for detecting network intrusions and misuse. In Proceedings of Computers and Security 12(1993)3, 1993.
11. A. Hussain, J. Heidemann, and C. Papadopoulos. COSSACK: Coordinated Suppression of Simultaneous Attacks. In DISCEX, 2003.
12. C. Krugel, T. Toth, and C. Kerer. Decentralized Event Correlation for Intrusion Detection. In 4th International Conference on Information Security and Cryptology 2001.
13. P. Lincoln, P. Porras, and V. Shmatikov. Privacy-Preserving Sharing and Correlation of Security Alerts. In Usenix Security 2004, San Diego, CA.
14. M. Locasto and et al. Collaborative Distributive Intrusion Detection. In CU Tech Report CUCS-012-04, 2004.
15. J. McConnell, D. Frincke, D. Tobin, J. Marconi, and D. Polla. A framework for cooperative intrusion detection. In NISSC, pages 361-373, 1998.
16. D. Moore, C. Shannon, G. Voelker, and S. Savage. Internet Quarantine: Requirements for Containing Self-Propagating Code. In INFOCOM, 2003.
17. D. Moore, G. M. Voelker, and S. Savage. Inferring internet Denial-of-Service activity. In USENIX Security 2001.
18. R. Pang, V. Yegneswaran, P. Barford, V. Paxson, and L. Peterson. Characteristics of Internet Background Radiation. In Proceedings of the IMC 2004.
19. V. Paxson. Bro: a system for detecting network intruders in real-time. Computer Networks (Amsterdam, Netherlands: 1999), 31(23-24):2435-2463, 1999.
20. P. A. Porras and P. G. Neumann. EMERALD: Event monitoring enabling responses to anomalous live disturbances. In Proc. 20th NIST-NCSC National Information Systems Security Conference, 1997.
21. A. Snapp and et. al. Distributed intrusion detection system - motivation, architecture, and an early prototype. In Proceedings of the 14th NCSC, 1991.
22. E. Spafford and Z. D. Intrusion detection using autonomous agents. In Computer Networks, Volume 34, 2000.
23. S. Staniford-Chen and et. al. GrIDS - A graph-based intrusion detection system for large networks. In 19th National Information Systems Security Conference, 1996.
24. B. Staniford-Chen S.; Tung and D. Schnackenberg. The Common Intrusion Detection Framework (CIDF). In Information Survivability Workshop, Orlando FL, 1998.
25. The Honeynet Project. Know your Enemy: Tracking Botnets. http://www.honeynet.org/papers/bots/.
26. G. Vigna, S. Eckmann, and R. Kemmerer. The stat tool suite. In In Proceedings of DISCEX, 2000.
27. U. White, G. B.; Pooch. Cooperating security managers: distributed intrusion detection systems. In Computers & Security, Vol. 15, No. 5, pages 441-450, 1996.
28. V. Yegneswaran, P. Barford, and J. Ullrich. Internet intrusions: Global characteristics and prevalence. In In Proceedings of ACM SIGMETRICS, 2003.
29. S. Zanero. Behavioral Intrusion Detection. In ISCIS 2004.