S. S. Chen, B. Tung, and D. Schnackenberg. The common intrusion detection framework. In Proc. of Information Survivability Workshop, 1998.
....this heterogeneity, an XML encoding is used so each component can easily exchange data and/or models. Our design was influenced by the work in standardizing the message formats and protocols for IDS communication and collaboration: the Common Intrusion Detection Framework (CIDF, funded by DARPA) [29] and the more recent Intrusion Detection Message Exchange Format (IDMEF, by the Intrusion Detection Working Group of IETF, the Internet Engineering Task Force). Using CIDF or IDMEF, IDSs can securely exchange attack information, encoded in the standard formats, to collaboratively detect ....
S. Staniford-Chen. Common intrusion detection framework. http://seclab.cs.ucdavis.edu/cidf.
....e.g. Bro [18], NFR [6] and EMERALD [19] all made extensibility their primary design goals. Our research focuses on automatic methods for constructing intrusion detection models. The meta learning mechanism is designed to automate the extension process of IDSs. We share the same views discussed in [20] that an IDS should be built using standard components. We believe that the operating system and networking community should be responsible for building a robust Event box. In [10], algorithms for analyzing user shell commands and detecting anomalies were discussed. The basic idea is to first ....
S. Staniford-Chen. Common intrusion detection framework. http://seclab.cs.ucdavis.edu/cidf.
....[9, 10, 11] examine unlabeled data for anomaly detection by looking at user profiles and comparing the activity during an intrusion to the activity under normal use. In intrusion data representation, related work is the IETF Intrusion Detection Exchange Format project [7] and the CIDF effort [18]. 3 Adaptive Model Generation. We propose an IDS architecture that contains three components, a sensor, a detector, and an adaptive model generator. The sensor feeds formatted data to the detector for analyzing and responding to occurring intrusions, and also sends data to the adaptive model ....
S. Staniford-Chen, B. Tung, and D. Schnackenberg. The common intrusion detection framework (cidf). In Proceedings of the Information Survivability Workshop, October 1998.
....the slave programs (if there are any in their local environments) responsible for the DDOS attack. Our research aims to develop techniques for detecting novel and distributed intrusions. In this paper, we describe an experimental system, based on the Common Intrusion Detection Framework (CIDF) [17], where geographically distributed IDSs can communicate with each other by following the protocols defined in CIDF. For example, the IDSs can exchange attack information that includes attack source, method, behavior, and response, etc. Moreover, upon detecting a novel attack, an IDS can send the ....
S. Staniford-Chen. Common intrusion detection framework. http://seclab.cs.ucdavis.edu/cidf.
....of Intrusion Detection Systems. There are many different ID systems deployed worldwide, and almost as many different designs for them. Because there are so many different ID systems, it helps to have a model within which to consider all of them. The Common Intrusion Detection Framework (CIDF) [1] defines a set of components that together define an intrusion detection system. These components include event generators (E boxes), analysis engines (A boxes), storage mechanisms (D boxes), and even countermeasures (C boxes). A CIDF component can be a software package in and of itself, ....
S. Staniford-Chen, "Common Intrusion Detection Framework," http://seclab.cs.ucdavis.edu/cidf/
....Bro [19], NFR [18] and EMERALD [20] all made extensibility their primary design goals. Our research focuses on automatic methods for constructing intrusion detection models. The meta learning mechanism is designed to automate the extension process of IDSs. We share the same views discussed in [21] that an IDS should be built using standard components. We believe that the operating system and networking community should be responsible for building a robust Event box. In [9], algorithms for analyzing user shell commands and detecting anomalies were discussed. The basic idea is to first ....
S. Staniford-Chen. Common intrusion detection framework. http://seclab.cs.ucdavis.edu/cidf.
No context found.
S. S. Chen, B. Tung, and D. Schnackenberg. The common intrusion detection framework. In Proc. of Information Survivability Workshop, 1998.
No context found.
S. S. Chen, B. Tung, and D. Schnackenberg. The common intrusion detection framework. In Proc. of Information Survivability Workshop, 1998.