IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Temporal sequence learning and data reduction for anomaly detection
ACM Transactions on Information and System Security (TISSEC)
DEMIDS: a misuse detection system for database systems
Integrity and internal control information systems
An investigation of geographic mapping techniques for internet hosts
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
How to Own the Internet in Your Spare Time
Proceedings of the 11th USENIX Security Symposium
Detecting Anomalous and Unknown Intrusions Against Programs
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Misuse detection for information retrieval systems
CIKM '03 Proceedings of the twelfth international conference on Information and knowledge management
Proceedings of the 2004 ACM workshop on Rapid malcode
Language-Based Generation and Evaluation of NIDS Signatures
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Efficient Intrusion Detection using Automaton Inlining
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
On the performance of internet worm scanning strategies
Performance Evaluation
Evading network anomaly detection systems: formal reasoning and practical techniques
Proceedings of the 13th ACM conference on Computer and communications security
Combining filtering and statistical methods for anomaly detection
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
On the effectiveness of distributed worm monitoring
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Dynamic application-layer protocol analysis for network intrusion detection
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Gnort: High Performance Network Intrusion Detection Using Graphics Processors
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Exploiting execution context for the detection of anomalous system calls
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Understanding precision in host based intrusion detection: formal analysis and practical models
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Swaddler: an approach for the anomaly-based detection of state violations in web applications
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Emulation-based detection of non-self-contained polymorphic shellcode
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
Towards software-based signature detection for intrusion prevention on the network card
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Improving host-based IDS with argument abstraction to prevent mimicry attacks
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Environment-sensitive intrusion detection
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Anomalous payload-based worm detection and signature generation
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Interactive visualization for network and port scan detection
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Anagram: a content anomaly detector resistant to mimicry attack
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Enhancing network intrusion detection with integrated sampling and filtering
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
WIND: workload-aware INtrusion detection
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Wireless telemedicine and m-health: technologies, applications and research issues
International Journal of Sensor Networks
Online internet intrusion detection based on flow statistical characteristics
KSEM'11 Proceedings of the 5th international conference on Knowledge Science, Engineering and Management
A survey of security visualization for computer network logs
Security and Communication Networks
Security and Communication Networks
Accountability and Q-Accountable Logging in Wireless Networks
Wireless Personal Communications: An International Journal
Hi-index | 0.00 |
Intrusion Detection Systems (IDSes) proposed to identify or prevent the wide spread of worms can be largely classified as signature-based or anomaly-based. Modern worms are often sufficiently intelligent to hide their activities and evade anomaly detection, rendering existing IDSes (particularly signature-based) less effective. We propose PAIDS, a proximity-assisted IDS approach for identifying the outbreak of unknown worms. Operating on an orthogonal dimension with existing IDSes, PAIDS can work collaboratively with existing IDSes for better performance. Trace-driven evaluation indicates that PAIDS has high detection rates and low false-positive rates. We also build a prototype with Google Maps APIs and libpcap library.