Robin Sommer, Vern Paxson  Home/Search
Context Related
| icir.org/robin/papers/istate.ps Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: icir.org/robin/papers/ (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Network intrusion detection systems (NIDSs) rely on managing a significant amount of state. Often much of this state resides solely in the volatile processor memory accessible to a single user-level process on a single machine. In this work we develop an architecture that facilitates independent state, i.e., internal fine-grained state that can be propagated from one instance of a NIDS to others running either concurrently or subsequently. (Update)
Cited by: More
An Architecture for Developing Behavioral History - Mark Allman Ethan (Correct)
Fighting Coordinated Attackers with.. - Allman, Blanton.. (2006) (Correct)
Enhancing the Accuracy of Network-based Intrusion.. - Dreger, Kreibich, al. (2005) (Correct)
Active bibliography (related documents): More All
0.7: Exploiting Independent State for Network Intrusion Detection - Sommer, Paxson (2004) (Correct)
0.1: Theoretical Basis for Intrusion Detection - Li, Das, Zhou (2005) (Correct)
0.1: Visualizing and Identifying Intrusion Context from System Calls.. - Li, Das (2004) (Correct)
Similar documents based on text:
4.0: Unknown - (Correct)
Related documents from co-citation: More All
3: IEEEACM Transaction Networking (context) - faster, ACM et al.
2: Querying the Internet with PIER - Huebsch, Hellerstein et al. - 2003
2: Security for peer-to-peer routing overlays (context) - Castro, Druschel et al. - 2002
BibTeX entry: (Update)
Robin Sommer and Vern Paxson. Exploiting Independent State For Network Intrusion Detection. Technical Report TUM-I0420, TU Munchen, 2004. http://citeseer.ist.psu.edu/sommer04exploiting.html More
@misc{ sommer04exploiting,
author = "R. Sommer and V. Paxson",
title = "Exploiting Independent State For Network Intrusion Detection",
text = "Robin Sommer and Vern Paxson. Exploiting Independent State For Network
Intrusion Detection. Technical Report TUM-I0420, TU Munchen, 2004.",
year = "2004",
url = "citeseer.ist.psu.edu/sommer04exploiting.html" }
Citations (may not include all citations):140 Snort: Lightweight intrusion detection for networks (context) - Roesch - 1999
132 EMERALD: Event monitoring enabling responses to anomalous li.. - Porras, Neumann - 1997
65 Bro: A system for detecting network intruders in real-time - Paxson - 1999
40 Aggregation and Correlation of IntrusionDetection Alerts (context) - Debar, Wespi - 2001
23 Fast portscan detection using sequential hypothesis testing - Jung, Paxson et al. - 2004
19 Intrusion Detection: An Introduction to Internet Surveillanc.. (context) - Amoroso - 1999
17 The base-rate fallacy and its implications for the difficult.. - Axelsson - 1999
10 Clustering intrusion detection alarms to support root cause .. - Julisch - 2003
9 Stateful intrusion detection for high-speed networks - Krugel, Valeur et al. - 2002
7 20 W32/Blaster worm (context) - CA--
3 Operational experiences with high-volume network intrusion d.. (context) - Dreger, Feldmann et al. - 2004
1 Decentralized Event Correlation for Intrusion Detection - Krugel, Toth et al. - 2001
Documents on the same site (http://www.icir.org/robin/papers/): More
Enhancing Byte-Level Network Intrusion Detection Signatures.. - Sommer, Paxson (2003) (Correct)
NetFlow: Information loss or win? - Robin Sommer And (Correct)
Operational Experiences with High-Volume - Network Intrusion Detection (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC