Specification-based Anomaly Detection: A New Approach for Detecting Network Intrusions (2002)  (10 citations)
R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang, S. Zhou
Proceedings of the 9th ACM conference on Computer and communications security

View or download: sunysb.edu/sekar/papers/ccs02.pdf

From: sunysb.edu/seclab1/pubs/papers

Abstract: Unlike signature or misuse based intrusion detection techniques, anomaly detection is capable of detecting novel attacks. However, the use of anomaly detection in practice is hampered by a high rate of false alarms. Specification-based techniques have been shown to produce a low rate of false alarms, but are not as effective as anomaly detection in detecting novel attacks, especially when it comes to network probing and denial-of-service attacks. This paper presents a new approach that combines ...

Cited by:
Trust Management Survey - Sini Ruohomaa And
Using Predators to Combat Worms and Viruses: - Simulation-Based Study Ajay
An Approach for Detecting Self-Propagating Email Using Anomaly .. - Gupta, Sekar (2003)

Active bibliography (related documents):
0.6:   Building Survivable Systems: An Integrated.. - Bowen, Chee.. (2000)
0.5:   A High-Performance Network Intrusion Detection System - Sekar, Guang, Verma, Shanbhag (1999)
0.3:   Model-Carrying Code (MCC): A New Paradigm for.. - Sekar.. (2001)

Similar documents based on text:
0.1:   MINDS - Minnesota Intrusion Detection System - Ertöz, Eilertson, Lazarevic..
0.1:   Experiences with Specification-based Intrusion Detection - Uppuluri, Sekar (2001)
0.1:   Fast Strictness Analysis Based on Demand Propagation - Sekar, Ramakrishnan (1995)

Related documents from co-citation:
3:   Data mining approaches for intrusion detection - Lee, Stolfo - 1998
3:   Directed-graph epidemiological models of computer viruses - Jeffrey, Steve et al. - 1991
3:   Code Red Worm Propagation Modeling and Analysis - Zou, Gong et al. - 2002

BibTeX entry:

R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, S. Zhou, A. Tiwari and H. Yang, "Specification Based Anomaly Detection: A New Approach for Detecting Network Intrusions", ACM CCS, 2002. http://citeseer.ist.psu.edu/sekar02specificationbased.html

@inproceedings{ 586146,
 author = {R. Sekar and A. Gupta and J. Frullo and T. Shanbhag and A. Tiwari and H. Yang and S. Zhou},
 title = {Specification-based anomaly detection: a new approach for detecting network intrusions},
 booktitle = {Proceedings of the 9th ACM conference on Computer and communications security},
 year = {2002},
 isbn = {1-58113-612-9},
 pages = {265--274},
 location = {Washington, DC, USA},
 doi = {http://doi.acm.org/10.1145/586110.586146},
 publisher = {ACM Press},
 url = {citeseer.ist.psu.edu/sekar02specificationbased.html} }

Documents on the same site (http://www.seclab.cs.sunysb.edu/seclab1/pubs/papers.htm):
Empowering Mobile Code Using Expressive Security Policies - Venkatakrishnan, Peri, Sekar (2002)
Model-Carrying Code: A Practical Approach for Safe .. - Sekar.. (2003)
Dataflow Anomaly Detection - Bhatkar, Chaturvedi, Sekar

CiteSeer.IST - Copyright Penn State and NEC