B. Caswell and M. Roesch. The SNORT network intrusion detection system. http://www.snort.org, April 2004.
....distributed throughout the Internet. Specifically, our data was collected in over 1600 networks worldwide over a 4-month period by DSHIELD.ORG. Entries in these logs consist of packets rejected by firewalls and portscan logs recorded by Network Intrusion Detection Systems (NIDS, primarily Snort [19]). This data set provides us with a unique perspective on global intrusion activity. We investigated a range of fundamental features of intrusion activity by evaluating our data along a number of dimensions. Specifically, we assess the daily volume of intrusion attempts, the sources and ....
.... worm induced traffic diversity that is unlike other normal traffic experienced by routers and is the primary cause of the BGP instabilities. Our work has implications in development and configuration of network intrusion detection systems. Many such systems have been developed and deployed (e.g. [18, 19]). The standard approach for recognizing an intrusion is to create

Table 1: Sample log entries from DSHIELD portscan logs

Date | Time | Sub. Hash | No: Scans | Src IP | Src Port | Target IP | Target Port | TCP Flags
2002 03 19 | 18:35:18 | provider2323 | 3 | 211.10.7.73 | 1227 | 10.3.23.12 | 21 | S
2002 03 19 | 18:35:19 | ....
Marty Roesch. The SNORT Network Intrusion Detection System. http://www.snort.org, 2002.
No context found.
M. Roesch. The SNORT Network Intrusion Detection System. http://www.snort.org, 2002.