Wide area traffic: the failure of Poisson modeling
IEEE/ACM Transactions on Networking (TON)
The many faces of publish/subscribe
ACM Computing Surveys (CSUR)
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
Enriching network security analysis with time travel
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Outsourcing home network security
Proceedings of the 2010 ACM SIGCOMM workshop on Home networks
CANVuS: context-aware network vulnerability scanning
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
New opportunities for load balancing in network-wide intrusion detection systems
Proceedings of the 8th international conference on Emerging networking experiments and technologies
Hi-index | 0.00 |
We argue that for both defending against attacks and apprehending the scope of attacks after they are detected, there is great utility in attaining views of network activity that are unified across time and space. By this we mean enabling operators to apply particular analyses to both past and future activity in a coherent fashion, and applied across a wealth of information collected from a variety of monitoring points, including across administratively independent sites. We outline the core design goals necessary for building systems to develop such visibility in an operationally viable way.