Enhancing byte-level network intrusion detection signatures with context
作者: Robin Sommer , Vern Paxson
关键词:
摘要: Many network intrusion detection systems (NIDS) use byte sequences as signatures to detect malicious activity. While being highly efficient, they tend to suffer from a high false-positive …
core.ac.uk
acm.org
icir.org 参考文章(25)
Steven T. Eckmann, Translating Snort rules to STATL scenarios ,(2001)
Giovanni Vigna, Richard A. Kemmerer, NetSTAT: a network-based intrusion detection system Journal of Computer Security. ,vol. 7, pp. 37- 71 ,(1999) , 10.3233/JCS-1999-7103
Timothy N. Newsham, Thomas H. Ptacek, Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection ,(1998)
Mike Fisk, George Varghese, Fast Content-Based Packet Handling for Intrusion Detection University of California at San Diego. ,(2001) , 10.21236/ADA406413
Vern Paxson, Bro: a system for detecting network intruders in real-time Computer Networks. ,vol. 31, pp. 2435- 2463 ,(1999) , 10.1016/S1389-1286(99)00112-7
R. Sekar, P. Uppuluri, Synthesizing fast intrusion prevention/detection systems from high-level specifications usenix security symposium. pp. 6- 6 ,(1999)
Vern Paxson, Christian Kreibich, Mark Handley, Network intrusion detection: evasion, traffic normalization, and end-to-end protocol semantics usenix security symposium. pp. 9- 9 ,(2001)
Martin Roesch, Snort - Lightweight Intrusion Detection for Networks usenix large installation systems administration conference. pp. 229- 238 ,(1999)
H. Frystyk, L. Masinter, J. Mogul, J. Gettys, R. Fielding, P. Leach, T. Berners-Lee, Hypertext Transfer Protocol -- HTTP/1.1 acm conference on hypertext. ,vol. 2068, pp. 1- 162 ,(1997)
G. Vigna, S.T. Eckmann, R.A. Kemmerer, The STAT tool suite darpa information survivability conference and exposition. ,vol. 2, pp. 46- 55 ,(2000) , 10.1109/DISCEX.2000.821508