Temporal reasoning based on semi-intervals
Artificial Intelligence
NADIR: an automated system for detecting network intrusion and misuse
Computers and Security
State Transition Analysis: A Rule-Based Intrusion Detection Approach
IEEE Transactions on Software Engineering
NetSTAT: a network-based intrusion detection system
Journal of Computer Security
Maintaining knowledge about temporal intervals
Communications of the ACM
Intrusion detection using autonomous agents
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Intrusion detection inter-component adaptive negotiation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Abstraction-based intrusion detection in distributed environments
ACM Transactions on Information and System Security (TISSEC)
Implementation techniques for main memory database systems
SIGMOD '84 Proceedings of the 1984 ACM SIGMOD international conference on Management of data
A Data Mining and CIDF Based Approach for Detecting Novel and Distributed Intrusions
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
NetSTAT: A Network-Based Intrusion Detection Approach
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Detecting Anomalous and Unknown Intrusions Against Programs
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Abstraction-Based Misuse Detection: High-Level Specifications and Adaptable Strategies
CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
Distributed audit trail analysis
SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
Holding intruders accountable on the Internet
SP '95 Proceedings of the 1995 IEEE Symposium on Security and Privacy
NSTAT: A Model-based Real-time Network Intrusion Detection System
NSTAT: A Model-based Real-time Network Intrusion Detection System
Abstraction-based misuse detection: high-level specifications and adaptable strategies
Abstraction-based misuse detection: high-level specifications and adaptable strategies
Modeling requests among cooperating intrusion detection systems
Computer Communications
IEEE Network: The Magazine of Global Internetworking
Application of SVM and ANN for intrusion detection
Computers and Operations Research
D-SCIDS: distributed soft computing intrusion detection system
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
Attack abstraction using a multiagent system for intrusion detection
Journal of Intelligent & Fuzzy Systems: Applications in Engineering and Technology
| Hi-index | 0.24 |
This paper presents the design and implementation of a decentralized research prototype intrusion detection system (IDS) named coordinated attacks response and detection system (CARDS), which aims at detecting distributed attacks that cannot be detected using data collected at any single place. CARDS adopts a signature-based approach. It consists of three kinds of independent but cooperative components: signature manager, monitor, and directory service. Unlike traditional distributed IDSs, CARDS decomposes global representations of distributed attacks into smaller units (called detection tasks) that correspond to the distributed events indicating the attacks, and then executes and coordinates the detection tasks in the places where the corresponding events are observed.