Results 1 - 10 of 1,163
State Transition Analysis: A Rule-Based Intrusion Detection Approach
- IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1995
"... This paper presents a new approach to representing and detecting computer penetrations in real-time. The approach, called state transition analysis, models penetrations as a series of state changes that lead from an initial secure state to a target compromised state. State transition diagrams, the g ..."
Cited by 353 (19 self)
illustration of the overall design and functionality of this intrusion detection approach. Lastly, STAT is compared to the functionality of comparable intrusion detection tools.
End-to-end available bandwidth: Measurement methodology, dynamics, and relation with TCP throughput
- In Proceedings of ACM SIGCOMM, 2002
"... The available bandwidth (avail-bw) in a network path is of major importance in congestion control, streaming applications, QoS verification, server selection, and overlay networks. We describe an end-to-end methodology, called Self-Loading Periodic Streams (SLoPS), for measuring avail-bw. The basic ..."
Cited by 414 (20 self)
idea in SLoPS is that the one-way delays of a periodic packet stream show an increasing trend when the stream’s rate is higher than the avail-bw. We implemented SLoPS in a tool called pathload. The accuracy of the tool has been evaluated with both simulations and experiments over real-world Internet
Backtracking intrusions
- 2003
"... Analyzing intrusions today is an arduous, largely manual task because system administrators lack the information and tools needed to understand easily the sequence of steps that occurred in an attack. The goal of BackTracker is to identify automatically potential sequences of steps that occurred in ..."
Cited by 240 (11 self)
Analyzing intrusions today is an arduous, largely manual task because system administrators lack the information and tools needed to understand easily the sequence of steps that occurred in an attack. The goal of BackTracker is to identify automatically potential sequences of steps that occurred
Storage-Based Intrusion Detection
- ACM Transactions on Information and System Security
"... Storage-based intrusion detection consists of storage systems watching for and identifying data access patterns characteristic of system intrusions. Storage systems can spot several common intruder actions, such as adding backdoors, inserting Trojan horses, and tampering with audit logs. For example ..."
Cited by 4 (0 self)
For example, examination of 18 real intrusion tools reveals that most (15) can be detected based on their changes to stored files. Further, an Intrusion Detection System (IDS) embedded in a storage device continues to operate even after client operating systems are compromised. We describe and evaluate a
USTAT: A Real-time Intrusion Detection System for UNIX
- 1992
"... This thesis presents the design and implementation of a real-time intrusion detection tool called Ustat, a State Transition Analysis Tool for UNIX. The original design was first developed by Phillip A. Porras and presented in [Porr91] as STAT, a State Transition Analysis Tool. STAT is a new model f ..."
Cited by 144 (1 self)
This thesis presents the design and implementation of a real-time intrusion detection tool called Ustat, a State Transition Analysis Tool for UNIX. The original design was first developed by Phillip A. Porras and presented in [Porr91] as STAT, a State Transition Analysis Tool. STAT is a new model
The M5 simulator: Modeling networked systems
- IEEE Micro, 2006
"... TCP/IP networking is an increasingly important aspect of computer systems, but a lack of simulation tools limits architects' ability to explore new designs for network I/O. We have developed the M5 simulator specifically to enable research in this area. In addition to typical architecture simulato ..."
Cited by 249 (22 self)
TCP/IP networking is an increasingly important aspect of computer systems, but a lack of simulation tools limits architects' ability to explore new designs for network I/O. We have developed the M5 simulator specifically to enable research in this area. In addition to typical architecture
INTRUSION DETECTION SYSTEMS. TECHNIQUES AND TOOLS.
"... Abstract: Attacks on the computer infrastructures are becoming an increasingly serious problem. There are available several information security techniques and tools to protect valuable information stored on computer systems against unauthorized access, use and destruction. This paper offers a persp ..."
intruders, revealing the modality for discovering abnormal system events. Finally, the focus is on different types of intrusion detection tools available, few examples of them being presented. JEL classification: C83, C88 Key words: intrusion detection, abnormal events, audit trail analysis, real
The ORCHIDS Intrusion Detection Tool
- In Kousha Etessami and Sriram Rajamani, editors, Proceedings of the 17th International Conference on Computer Aided Verification (CAV’05), volume 3576 of Lecture Notes in Computer Science, 2005
"... Abstract. ORCHIDS is an intrusion detection tool based on techniques for fast, on-line model-checking. Temporal formulae are taken from a temporal logic tailored to the description of intrusion signatures. They are checked against merged network and system event flows, which together form a linear K ..."
Cited by 14 (2 self)
Kripke structure. Introduction: Misuse Detection as Model-Checking. ORCHIDS is a new intrusion detection tool, capable of analyzing and correlating events over time, in real time. Its purpose is to detect, report, and take countermeasures against intruders. The core of the engine is originally based
GrIDS -- A Graph Based Intrusion Detection System for Large Networks
- IN PROCEEDINGS OF THE 19TH NATIONAL INFORMATION SYSTEMS SECURITY CONFERENCE, 1996
"... There is widespread concern that large-scale malicious attacks on computer networks could cause serious disruption to network services. We present the design of GrIDS (Graph-Based Intrusion Detection System). GrIDS collects data about activity on computers and network traffic between them. It aggreg ..."
Cited by 116 (2 self)
It aggregates this information into activity graphs which reveal the causal structure of network activity. This allows large-scale automated or coordinated attacks to be detected in near real-time. In addition, GrIDS allows network administrators to state policies specifying which users may use particular
GrIDS - A Graph-Based Intrusion Detection System for Large Networks
- In Proceedings of the 19th National Information Systems Security Conference, 1996
"... There is widespread concern that large-scale malicious attacks on computer networks could cause serious disruption to network services. We present the design of GrIDS (Graph-Based Intrusion Detection System). GrIDS collects data about activity on computers and network traffic between them. It aggreg ..."
Cited by 107 (1 self)
It aggregates this information into activity graphs which reveal the causal structure of network activity. This allows large-scale automated or co-ordinated attacks to be detected in near real-time. In addition, GrIDS allows network administrators to state policies specifying which users may use particular