Results 1 - 10
of
146
The BSD Packet Filter: A New Architecture for User-level Packet Capture
, 1992
"... Many versions of Unix provide facilities for user-level packet capture, making possible the use of general purpose workstations for network monitoring. Because network monitors run as user-level processes, packets must be copied across the kernel/user-space protection boundary. This copying can be m ..."
Abstract
-
Cited by 568 (2 self)
- Add to MetaCart
be minimized by deploying a kernel agent called a packet filter, which discards unwanted packets as early as possible. The original Unix packet filter was designed around a stack-based filter evaluator that performs sub-optimally on current RISC CPUs. The BSD Packet Filter (BPF) uses a new, registerbased
The BSD Packet Filter: A New Architecture for User-level Packet Capture
, 1992
"... Many versions of Unix provide facilities for user-level packet capture, making possible the use of general purpose work-stations for network monitoring. Because network monitors run as user-level processes, packets must be copied across the kernel/user-space protection boundary. This copying can be ..."
Abstract
- Add to MetaCart
be minimized by deploying a kernel agent called a packet filter, which discards unwanted packets as early as possible. The original Unix packet filter was designed around a stack-based filter evaluator that performs sub-optimally on current RISC CPUs. The BSD Packet Filter (BPF) uses a new, register
Abstract The BSD Packet Filter: A New Architecture for User-level Packet Capture 3
"... Many versions of Unix provide facilities for user-level packet capture, making possible the use of general purpose workstations for network monitoring. Because network monitors run as user-level processes, packets must be copied across the kernel/user-space protection boundary. This copying can be m ..."
Abstract
- Add to MetaCart
be minimized by deploying a kernel agent called a packet filter, which discards unwanted packets as early as possible. The original Unix packet filter was designed around a stack-based filter evaluator that performs sub-optimally on current RISC CPUs. The BSD Packet Filter (BPF) uses a new, registerbased
Abstract The BSD Packet Filter: A New Architecture for User-level Packet Capture
"... Many versions of Unix provide facilities for user-level packet capture, making possible the use of general purpose workstations for network monitoring. Because network monitors run as user-level processes, packets must be copied across the kernel/user-space protection boundary. This copying can be m ..."
Abstract
- Add to MetaCart
be minimized by deploying a kernel agent called a packet filter, which discards unwanted packets as early as possible. The original Unix packet filter was designed around a stack-based filter evaluator that performs sub-optimally on current RISC CPUs. The BSD Packet Filter (BPF) uses a new, registerbased
On the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets
- In Proc. ACM SIGCOMM
, 2001
"... Denial of service (DoS) attack on the Internet has become a pressing problem. In this paper, we describe and evaluate route-based distributed packet filtering (DPF), a novel approach to distributed DoS (DDoS) attack prevention. We show that DPF achieves proactiveness and scalability, and we show tha ..."
Abstract
-
Cited by 278 (7 self)
- Add to MetaCart
Denial of service (DoS) attack on the Internet has become a pressing problem. In this paper, we describe and evaluate route-based distributed packet filtering (DPF), a novel approach to distributed DoS (DDoS) attack prevention. We show that DPF achieves proactiveness and scalability, and we show
Ffpf: Fairly fast packet filters
- In Proceedings of OSDI’04
, 2004
"... FFPF is a network monitoring framework designed for three things: speed (handling high link rates), scalability (ability to handle multiple applications) and flexibility. Multiple applications that need to access overlapping sets of packets may share their packet buffers, thus avoiding a packet copy ..."
Abstract
-
Cited by 49 (13 self)
- Add to MetaCart
performance compared to existing approaches such as BSD packet filters, and especially shines when multiple monitoring applications execute simultaneously. Flexibility is achieved by allowing expressions written in different languages to be connected to form complex processing graphs (not unlike UNIX
Face Detection Using Quantized Skin Color Regions Merging and Wavelet Packet Analysis
, 1999
"... Detecting and recognizing human faces automatically in digital images strongly enhance content-based video indexing systems. In this paper, a novel scheme for human faces detection in color images under nonconstrained scene conditions, such as the presence of a complex background and uncontrolled il ..."
Abstract
-
Cited by 133 (4 self)
- Add to MetaCart
illumination, is presented. Color clustering and filtering using approximations of the YCbCr and HSV skin color subspaces are applied on the original image, providing quantized skin color regions. A merging stage is then iteratively performed on the set of homogeneous skin color regions in the color quantized
1 Unix Memory Allocations Are Not Poisson
"... Abstract — In multitasking operating systems, requests for free memory are traditionally modeled as a stochastic counting process with independent, exponentiallydistributed interarrival times because of the analytic simplicity such Poisson models afford. We analyze the distribution of several millio ..."
Abstract
- Add to MetaCart
million unix page commits to show that although this approach could be valid over relatively long timespans, the behavior of the arrival process over shorter periods is decidedly not Poisson. We find that this result holds regardless of the originator of the request: unlike network packets
CONTROLLING IP SPOOFING THROUGH PACKET FILTERING
"... IP address spoofing refers to the creation of Internet Protocol packets with a forged source IP address, called spoofing, it is a method of attacking a network in order to gain unauthorized access. The distributed denial-of-service (DDoS) attack is a serious threat to the legitimate use of the Inter ..."
Abstract
- Add to MetaCart
IP address spoofing refers to the creation of Internet Protocol packets with a forged source IP address, called spoofing, it is a method of attacking a network in order to gain unauthorized access. The distributed denial-of-service (DDoS) attack is a serious threat to the legitimate use
CAPTRA: Coordinated Packet Traceback
- IPSN'06
, 2006
"... Network-based attacks can be either persistent or sporadic. Persistent attack flows can be relatively easy to trace by mechanisms such as probabilistic packet marking, traffic logging, data mining etc. Sporadic attacks are sometimes easily detected by the Intrusion Detection Systems (IDSs) at the vi ..."
Abstract
-
Cited by 8 (0 self)
- Add to MetaCart
) at the victims, but are hard to trace back to the attack origins. We propose CAPTRA, a CoordinAted Packet TRAceback mechanism, for wireless sensor networks (WSNs) that takes advantage of the broadcasting nature of the packet transmissions. By remembering packets in multi-dimensional Bloom filters distributed
Results 1 - 10
of
146