We propose an automated signature generation engine for detecting unknown attacks. For this proposal, we studied a signature engine divided into a header field part and a payload field part. For the payload field in particular, we propose a signature generation agent that can be represented using a suffix tree, and the Longest Common Subsequence (LCSeq) among them is used to generate new signatures automatically. In testing, Snort signatures and signatures generated using the Longest Common Subsequence (LCSeq) are compared and evaluated.