
BINDER: An Extrusion-based Break-In Detector for Personal Computers
Hewlett-Packard Laboratories, Palo Alto, CA Report No....



View or download:
berkeley.edu/techrepo...CSD041352.pdf

From: berkeley.edu/access...CSD041352


Abstract: In this paper, we tackle the problem of automated detection of break-ins of new unknown threats such as worms, spyware and adware on personal computers. We propose Break-IN DEtectoR (BINDER), a host-based system that detects break-ins by capturing extrusions, stealthy malicious outgoing network traffic sent by them. To capture extrusions, BINDER correlates outgoing network traffic and process information with user activity. This is a unique characteristic of personal computers in contrast to...

Active bibliography (related documents):
0.3:   An Ontology-supported Outbound Intrusion Detection System - Mandujano (2005)
0.3:   Modelling Incentives for Email Blocking Strategies - Clayton (2005)
0.2:   Using Queries for Distributed Monitoring and Forensics - Singh, Roscoe, Maniatis.. (2006)


BibTeX entry:

@misc{ hewlett-packard-binder,
  author = "Personal Computers Hewlett-Packard",
  title = "BINDER: An Extrusion-based Break-In Detector for",
  url = "citeseer.ist.psu.edu/736257.html" }

Citations (may not include all citations):
123   Bro: a system for detecting network intruders in real-time - Paxson - 1999
63   Intrusion detection using sequences of system calls - Hofmeyr, Forrest et al. - 1998
61   Throttling viruses: Restricting propagation to defeat malici.. - Williamson - 2002
56   How to own the internet in your spare time - Staniford, Paxson et al. - 2002
22   Inside the slammer worm - Moore, Paxson et al. - 2003
22   Very fast containment of scanning worms - Weaver, Staniford et al. - 2004
18   A framework for constructing features and models for intrusi.. - Lee, Stolfo - 2000
17   The base-rate fallacy and its implications for the difficult.. - Axelsson - 1999
15   Shield: Vulnerability-driven network filters for preventing .. - Wang, Guo et al. - 2004
4   Automatic misconfiguration troubleshooting with peerpressure - Wang, Platt et al. - 2004
3   Stopping spam by extrusion detection - Clayton - 2004
1   API spying techniques for Windows 9X, NT and 2000 - Kaplan - 2000
1   comtechnetsecurityprodtech winsecwinkdetect - Auditing, microsoft et al.
1   Uclog: A unified, correlated logging architecture for intrus.. - Li, Taylor et al. - 2004
1   netspywareblog archivehow to get rid spy deleter - http, spywareblog et al. - 2004


CiteSeer.IST - Copyright Penn State and NEC