Giovanni Vigna  Home/Search
Context Related
| ucsb.edu/~kemm/Net...mmerer_jcs99.ps.gz ucsb.edu/~vigna/ST...mmerer_jcs99.ps.gz ucsb.edu/~rsg/pub/...mmerer_jcs99.ps.gz Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: ucsb.edu/~vigna/STAT/documents (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Network-based attacks are becoming more common and sophisticated. For this reason, intrusion detection systems are now shifting their focus from the hosts and their operating systems to the network itself. Network-based intrusion detection is challenging because network auditing produces large amounts of data, and di erent events related to a single intrusion may be visible in di erent places on the network. This paper presents a new approach that applies the State Transition Analysis Technique ... (Update)
Cited by: More
Tools for Generating and Analyzing Attack Graphs - Oleg Sheyner And (2004) (Correct)
A Multiagent Approach to Outbound Intrusion Detection - Mandujano (2004) (Correct)
A Declarative Approach to Stateful Intrusion - Detection And Network (2004) (Correct)
Similar documents (at the sentence level):
20.0%: NetSTAT: A Network-based Intrusion Detection Approach - Vigna (1998) (Correct)
Active bibliography (related documents): More All
0.7: STATL: An Attack Language for State-based Intrusion Detection - Eckmann, Vigna, Kemmerer (2000) (Correct)
0.6: Intrusion Detection: A Bibliography - Mé, Michel (2001) (Correct)
0.6: Designing a Web of Highly-Configurable Intrusion Detection.. - Vigna, Kemmerer, Blix (2001) (Correct)
Similar documents based on text: More All
0.5: Characterizing the Performance of Network Intrusion .. - Schaelicke.. (2003) (Correct)
0.5: Stateful Intrusion Detection for High-Speed Networks - Kruegel, Valeur, Vigna.. (2002) (Correct)
0.4: Exclusion-based Signature Matching for Intrusion.. - Markatos, Antonatos.. (2002) (Correct)
Related documents from co-citation: More All
23: EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances - Porras, Neumann - 1997
22: Snort - Lightweight Intrusion Detection for Networks (context) - Roesch - 1999
14: Experience with EMERALD to DATE - Neumann, Porras - 1999
BibTeX entry: (Update)
G. Vigna and R.A. Kemmerer. NetSTAT: A Networkbased Intrusion Detection System. Journal of Computer Security, 7(1):37--71, 1999. http://citeseer.ist.psu.edu/vigna99netstat.html More
@article{ vigna99netstat,
author = "Giovanni Vigna and Richard A. Kemmerer",
title = "NetSTAT: A Network-based Intrusion Detection System",
journal = "Journal of Computer Security",
volume = "7",
number = "1",
year = "1999",
url = "citeseer.ist.psu.edu/vigna99netstat.html" }
Citations (may not include all citations):640 Transmission Control Protocol (context) - Postel - 1981
428 Internet Protocol (context) - Postel - 1981
412 Security Architecture for the Internet Protocol (context) - Kent, Atkinson - 1998
304 User Datagram Protocol - Postel - 1980
299 The BSD Packet Filter: A New Architecture for User-level Pac.. - McCanne, Jacobson - 1993
133 IEEE Transactions on Software Engineering (context) - Denning, Detection - 1987
132 EMERALD: Event Monitoring Enabling Responses to Anomalous Li.. - Porras, Neumann - 1997
129 Internet Protocol (context) - Deering, Hinden - 1998
121 Network Intrusion Detection (context) - Mukherjee, Heberlein et al. - 1994
113 North-Holland (context) - Berge - 1989
105 State Transition Analysis: A Rule-Based Intrusion Detection .. - Ilgun, Kemmerer et al. - 1995
105 IP Authentication Header (context) - Kent, Atkinson - 1998
79 Computer Security Threat Monitoring and Surveillance (context) - Anderson - 1980
78 Security Problems in the TCP/IP Protocol Suite - Bellovin - 1990
68 A Network Security Monitor (context) - Heberlein, Dias et al. - 1990
63 An Architecture for Intrusion Detection using Autonomous Age.. - Balasubramaniyan, Garcia-Fernandez et al. - 1998
59 USTAT: A Real-time Intrusion Detection System for UNIX - Ilgun - 1992
59 USTAT: A Real-time Intrusion Detection System for UNIX - Ilgun - 1993
58 IP Encapsulating Security Payload (context) - Kent, Atkinson - 1998
41 The SRI IDES Statistical Anomaly Detector (context) - Javitz, Valdes - 1991
34 NetSTAT: A Network-based Intrusion Detection Approach - Vigna, Kemmerer - 1998
22 DARPA Intrusion Detection Evaluation (context) - Lab - 1998
21 Distributed Intrusion Detection System) { motivation (context) - Snapp, Brentano et al. - 1991
14 NSTAT: A Model-based Real-time Network Intrusion Detection S.. - Kemmerer - 1997
10 BSD UNIX TCP/IP Software (context) - Morris, in - 1985
10 and Using the Basic Security Module (context) - Microsystems, Installing - 1991
10 The Design of GrIDS: A Graph-Based Intrusion Detection Syste.. - Cheung, Crawford et al. - 1999
9 A Unix Network Protocol Security Study: Network Information .. - Hess, Sa et al. - 1992
7 A Unix Prototype for Intrusion and Anomaly Detection in Secu.. (context) - Winkler - 1990
4 Introduction to RealSecure Version (context) - Systems - 1999
3 A Topological Characterization of TCP/IP Security - Vigna - 1996
3 A State Transition Analysis Tool for Intrusion Detection (context) - Porras - 1992
The graph only includes citing articles where the year of publication is known.
Documents on the same site (http://www.cs.ucsb.edu/~vigna/STAT/documents.html): More
State Transition Analysis: A Rule-Based Intrusion Detection Approach - Ilgun (1995) (Correct)
NetSTAT: A Network-based Intrusion Detection Approach - Vigna (1998) (Correct)
NSTAT: A Model-based Real-time Network Intrusion Detection System - Kemmerer (1997) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC