D. Schnackenberg, K. Djahandari, and D. Sterne, "Infrastructure for intrusion detection and response," DARPA Information Survivability Conference and Exposition, 2000.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....have been identified, the process must be repeated at the upstream router. Several techniques have been developed to streamline and automate this process. Some ISPs have developed their own ad hoc mechanisms for automatically conducting input debugging across their networks. Schnackenberg et al. [22] propose a special Intruder Detection and Isolation Protocol (IDIP) to facilitate interaction between routers involved in a traceback effort. IDIP does not specify how participating entities should track packet traffic; it simply requires that they be able to determine whether or not they have ....

SCHNACKENBERG, D., DJAHANDARI,K., AND STERNE, D. Infrastructure for intrusion detection and response. In Proc. First DARPA Information Survivability Conference and Exposition (Jan. 2000).

....have been identified, the process must be repeated at the upstream router. Several techniques have been developed to streamline and automate this process. Some ISPs have developed their own ad hoc mechanisms for automatically conducting input debugging across their networks. Schnackenberg et al. [15] propose a more general Intruder Detection and Isolation Protocol (IDIP) to facilitate interaction between routers involved in a traceback effort. IDIP does not specify how participating entities should track packet traffic; it simply requires that they be able to determine whether or not they ....

Dan Schnackenberg, Kelly Djahandari, and Dan Sterne, "Infrastructure for intrusion detection and response," in Proc. First DARPA Information Survivability Conference and Exposition, Jan. 2000.

....logging of router events for attack analysis, but both schemes introduce significant processing and storage overhead in the routers. Schnackenberg et al. propose a special Intruder Detection and Isolation Protocol (IDIP) to facilitate interaction between routers involved in a traceback effort [10]. IDIP does not specify how participating entities should track packet traffic; it simply requires that they be able to determine whether or not they have seen a component of an attack matching a certain description. SPIE, the Source Path Isolation Engine, is a system that provides traceback ....

D. Schnackenberg, K., Djahandari, and D. Sterne, "Infrastructure for Intrusion Detection and Response," Proc. DARPA Information Survivability Conference and Exposition, January 2000.

....Conjunctions allow CISL clauses to be logically combined. While quite powerful, some IDS authors have found CISL to be unwieldy, and to date its practical applications have been limited. It has, however, been influential in shaping other efforts. The Intruder Detection and Isolation Protocol [11] is an infrastructure for integrating IDSes and automated response components. IDIP has been tested with a variety of IDSes, boundary controllers, and host based responders. It provides a discovery coordinator API to allow components access to services including data management, situation display, ....

D. Schnackenberg, K. Djahandari, and D. Sterne, "Infrastructure for intrusion detection and response," in DARPA Information Survivability Conference and Exposition(DISCEX-

....signature matching to detect attacks on routing infrastructure. In contrast to the large amount of work on intrusion misuse detection, there has been much less research reported on the crucial related problem of locating the source(s) of an attack once it is detected. One such project is IDIP [8]. Because of IP spoofing, the source address in an attack packet cannot be relied upon to disclose the true source of the attack. IP spoofing refers to a variety of techniques used to falsify source IP addresses. This may be done simply to hide the identity of the sender or may be done to obtain ....

D. Schnackenberg, K. Djahandari, and D. Sterne. Infrastructure for intrusion detection and response. In Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX), Hilton Head, South Carolina, January 2000.

No context found.

D. Schnackenberg, K. Djahandari, and D. Sterne, "Infrastructure for intrusion detection and response," DARPA Information Survivability Conference and Exposition, 2000.

No context found.

D. Schnackenberg, K. Djahandari, D. Sterne, Infrastructure for intrusion detection and response, DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00 2 (1999) 3--11.

No context found.

D. Schnackenberg, K. Djahandari, D. Sterne, Infrastructure for intrusion detection and response, Proceedings of the DARPA Information Survivability Conference and Exposition 2000.

No context found.

D. Schnackenberg, K. Djahandari, and D. Sterne, "Infrastructure for Intrusion Detection and Response," Proc. of First DARPA Information Survivability Conference and Exposition, January 2000.

No context found.

D. Schnackenberg, K. Djahandari, and D. Sterne. Infrastructure for intrusion detection and response. Advanced Security Research Journal, 3(1), 2001.

No context found.

D. Schnackenberg, K. Djahandari, and D. Sterne. "Infrastructure for Intrusion Detection and Response." Advanced Security Research Journal, 3(1), 2001.

No context found.

D. Schnackenberg, K. Djahandari, and D. Sterne. Infrastructure for Intrusion Detection and Response. Advanced Security Research Journal, 3(1), 2001.

No context found.

Schnackenberg, D., Djahandari, K., and Sterne, D. (2000). Infrastructure for Intrusion Detection and Response. In Proceedings of the DARPA Information Survivability Conference and Exposition (DISCEX '00). 44

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC