Tools
Sorted by:
Try your query at:
 |
 |
 |
 |
 |
 |
Results 1 - 10
of
439
Thwarting Zero-Day Polymorphic Worms With Network-Level Length-Based Signature Generation
"... Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at network gateways or honeynets so that we can prevent worms from propagating at their early phase. However, most existing network-based signatures are specific to exploit and can be easily evaded. In this paper, ..."
Abstract
-
Cited by 3 (1 self)
- Add to MetaCart
, we propose generating vulnerability-driven signatures at network level without any host-level analysis of worm execution or vulnerable programs. As the first step, we design a network-based length-based signature generator (LESG) for the worms exploiting buffer overflow vulnerabilities1
Autograph: Toward automated, distributed worm signature detection
- In Proceedings of the 13th Usenix Security Symposium
, 2004
"... Today’s Internet intrusion detection systems (IDSes) monitor edge networks ’ DMZs to identify and/or filter malicious flows. While an IDS helps protect the hosts on its local edge network from compromise and denial of service, it cannot alone effectively intervene to halt and reverse the spreading o ..."
Abstract
-
Cited by 362 (3 self)
- Add to MetaCart
of novel Internet worms. Generation of the worm signatures required by an IDS—the byte patterns sought in monitored traffic to identify worms—today entails non-trivial human labor, and thus significant delay: as network operators detect anomalous behavior, they communicate with one another and manually
Honeycomb -- Creating Intrusion Detection Signatures Using Honeypots
- IN PROCEEDINGS OF THE SECOND WORKSHOP ON HOT TOPICS IN NETWORKS (HOTNETS-II
, 2004
"... This paper describes a system for automated generation of attack signatures for network intrusion detection systems. Our system applies pattern-matching techniques and protocol conformance checks on multiple levels in the protocol hierarchy to network traffic captured a honeypot system. We present ..."
Abstract
-
Cited by 209 (2 self)
- Add to MetaCart
This paper describes a system for automated generation of attack signatures for network intrusion detection systems. Our system applies pattern-matching techniques and protocol conformance checks on multiple levels in the protocol hierarchy to network traffic captured a honeypot system. We present
Network-based and attackresilient length signature generation for zero-day polymorphic worms
, 2007
"... It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability based and can be easily evad ..."
Abstract
-
Cited by 8 (2 self)
- Add to MetaCart
evaded under attacks. In this paper, we propose to design vulnerability based signatures without any host-level analysis of worm execution or vulnerable programs. As the first step, we design a network-based Length-based Signature Generator (LESG) for worms based on buffer overflow vulnerabilities
Network-based and Attack-resilient Length Signature Generation for Zero-day Polymorphic Worms
"... Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability-based and can be ea ..."
Abstract
- Add to MetaCart
be easily evaded by attacks. In this paper, we propose generating vulnerability-based signatures on the network level without any host-level analysis of worm execution or vulnerable programs. As the first step, we design a network-based Length-based Signature Generator (LESG) for worms based on buffer
Network-based and Attack-resilient Length Signature Generation for Zero-day Polymorphic Worms
"... Abstract—It is crucial to detect zero-day polymorphic worms and to generate signatures at the edge network gateways or honeynets so that we can prevent the worms from propagating at their early phase. However, most existing network-based signatures generated are not vulnerability-based and can be ea ..."
Abstract
- Add to MetaCart
be easily evaded by attacks. In this paper, we propose generating vulnerability-based signatures on the network level without any host-level analysis of worm execution or vulnerable programs. As the first step, we design a network-based Length-based Signature Generator (LESG) for worms based on buffer
A critical role for the right fronto-insular cortex in switching between central-executive and default-mode networks.
- Proc Natl Acad Sci USA
, 2008
"... Cognitively demanding tasks that evoke activation in the brain's central-executive network (CEN) have been consistently shown to evoke decreased activation (deactivation) in the default-mode network (DMN). The neural mechanisms underlying this switch between activation and deactivation of larg ..."
Abstract
-
Cited by 178 (1 self)
- Add to MetaCart
events in the environment. Recent research suggests that the human brain is intrinsically organized into distinct functional networks that support these processes (1-4). Analysis of resting-state functional connectivity, using both model-based and model-free approaches, has suggested the existence
NetSpy: Automatic generation of spyware signatures for NIDS
- In Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC ’06), Miami Beach, FL
, 2006
"... Abstract We present NetSpy, a tool to automatically generatenetwork-level signatures for spyware. NetSpy determines whether an untrusted program is spyware by correlatinguser input with network tra ffic generated by the untrustedprogram. If classified as spyware, NetSpy also generates a signature ch ..."
Abstract
-
Cited by 16 (0 self)
- Add to MetaCart
Abstract We present NetSpy, a tool to automatically generatenetwork-level signatures for spyware. NetSpy determines whether an untrusted program is spyware by correlatinguser input with network tra ffic generated by the untrustedprogram. If classified as spyware, NetSpy also generates a signature
Whom You Know Matters: Venture Capital Networks and Investment Performance,
- Journal of Finance
, 2007
"... Abstract Many financial markets are characterized by strong relationships and networks, rather than arm's-length, spot-market transactions. We examine the performance consequences of this organizational choice in the context of relationships established when VCs syndicate portfolio company inv ..."
Abstract
-
Cited by 138 (8 self)
- Add to MetaCart
Abstract Many financial markets are characterized by strong relationships and networks, rather than arm's-length, spot-market transactions. We examine the performance consequences of this organizational choice in the context of relationships established when VCs syndicate portfolio company
Behavioral Clustering of HTTP-Based Malware and Signature Generation Using Malicious Network Traces
"... We present a novel network-level behavioral malware clustering system. We focus on analyzing the structural similarities among malicious HTTP traffic traces generated by executing HTTP-based malware. Our work is motivated by the need to provide quality input to algorithms that automatically generate ..."
Abstract
- Add to MetaCart
We present a novel network-level behavioral malware clustering system. We focus on analyzing the structural similarities among malicious HTTP traffic traces generated by executing HTTP-based malware. Our work is motivated by the need to provide quality input to algorithms that automatically
Results 1 - 10
of
439
