What packets may come: automata for network monitoring
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ACM Transactions on Information and System Security (TISSEC)
Characteristics of network traffic flow anomalies
IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
An analysis of using reflectors for distributed denial-of-service attacks
ACM SIGCOMM Computer Communication Review
Mimicry attacks on host-based intrusion detection systems
Proceedings of the 9th ACM conference on Computer and communications security
A signal analysis of network traffic anomalies
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurement
Statistical analysis of malformed packets and their origins in the modern internet
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurement
NetFlow: information loss or win?
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurement
Code-Red: a case study on the spread and victims of an internet worm
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurement
Agile and scalable analysis of network events
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurement
Using Rule-Based Activity Descriptions to Evaluate Intrusion-Detection Systems
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
The 1998 Lincoln Laboratory IDS Evaluation
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
Design and Implementation of FPGA Circuits for High Speed Network Monitors
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Predicting information flows in network traffic
Journal of the American Society for Information Science and Technology
Mining intrusion detection alarms for actionable knowledge
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Active Mapping: Resisting NIDS Evasion without Altering Traffic
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A framework for classifying denial of service attacks
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
A high-level programming environment for packet trace anonymization and transformation
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Wireless LAN location-sensing for security applications
WiSe '03 Proceedings of the 2nd ACM workshop on Wireless security
Enhancing byte-level network intrusion detection signatures with context
Proceedings of the 10th ACM conference on Computer and communications security
An analysis of Internet chat systems
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Sketch-based change detection: methods, evaluation, and applications
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Clustering intrusion detection alarms to support root cause analysis
ACM Transactions on Information and System Security (TISSEC)
Honeycomb: creating intrusion detection signatures using honeypots
ACM SIGCOMM Computer Communication Review
Conversation Exchange Dynamics for Real-Time Network Monitoring and Anomaly Detection
IWIA '04 Proceedings of the Second IEEE International Information Assurance Workshop (IWIA'04)
Protocol scrubbing: network security through transparent flow modification
IEEE/ACM Transactions on Networking (TON)
Highly available, fault-tolerant, parallel dataflows
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Deep scientific computing requires deep data
IBM Journal of Research and Development
Shield: vulnerability-driven network filters for preventing known vulnerability exploits
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Support for service composition in i3
Proceedings of the 12th annual ACM international conference on Multimedia
Characteristics of internet background radiation
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
On scalable attack detection in the network
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Reversible sketches for efficient and accurate change detection over network data streams
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Strategies for sound internet measurement
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
A methodology for estimating interdomain web traffic demand
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
An empirical study of spam traffic and the use of DNS black lists
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
VisFlowConnect: netflow visualizations of link relationships for security situational awareness
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Toward understanding distributed blackhole placement
Proceedings of the 2004 ACM workshop on Rapid malcode
Operational experiences with high-volume network intrusion detection
Proceedings of the 11th ACM conference on Computer and communications security
Distinguishing between single and multi-source attacks using signal processing
Computer Networks: The International Journal of Computer and Telecommunications Networking
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Measuring IP and TCP behavior on edge nodes with Tstat
Computer Networks: The International Journal of Computer and Telecommunications Networking
SPANIDS: a scalable network intrusion detection loadbalancer
Proceedings of the 2nd conference on Computing frontiers
Profiling internet backbone traffic: behavior models and applications
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Fast hash table lookup using extended bloom filter: an aid to network processing
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Passive mid-stream monitoring of real-time properties
Proceedings of the 5th ACM international conference on Embedded software
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Segmented hash: an efficient hash table implementation for high performance networking subsystems
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Automatic diagnosis and response to memory corruption vulnerabilities
Proceedings of the 12th ACM conference on Computer and communications security
Formal Methods in System Design
IDGraphs: Intrusion Detection and Analysis Using Stream Compositing
IEEE Computer Graphics and Applications
Can machine learning be secure?
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Measuring intrusion detection capability: an information-theoretic approach
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Secure coprocessor-based intrusion detection
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Mitigating denial of service attacks: a tutorial
Journal of Computer Security
An evaluation technique for network intrusion detection systems
InfoScale '06 Proceedings of the 1st international conference on Scalable information systems
Detecting evasion attacks at high speeds without reassembly
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Exploit hijacking: side effects of smart defenses
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Resource-aware multi-format network security data storage
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
SC2D: an alternative to trace anonymization
Proceedings of the 2006 SIGCOMM workshop on Mining network data
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Approximate fingerprinting to accelerate pattern matching
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Efficient sequence alignment of network traffic
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Unexpected means of protocol inference
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
A privacy-preserving interdomain audit framework
Proceedings of the 5th ACM workshop on Privacy in electronic society
Protomatching network traffic for high throughput network intrusion detection
Proceedings of the 13th ACM conference on Computer and communications security
WormTerminator: an effective containment of unknown and polymorphic fast spreading worms
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
WI-IATW '06 Proceedings of the 2006 IEEE/WIC/ACM international conference on Web Intelligence and Intelligent Agent Technology
Using data-independence in the analysis of intrusion detection systems
Theoretical Computer Science - Theoretical foundations of security analysis and design II
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
Using performance signatures and software rejuvenation for worm mitigation in tactical MANETs
WOSP '07 Proceedings of the 6th international workshop on Software and performance
SweetBait: Zero-hour worm detection and containment using low- and high-interaction honeypots
Computer Networks: The International Journal of Computer and Telecommunications Networking
Attack profiles to derive data observations, features, and characteristics of cyber attacks
Information-Knowledge-Systems Management
On scalable attack detection in the network
IEEE/ACM Transactions on Networking (TON)
Identifying and discriminating between web and peer-to-peer traffic in the network core
Proceedings of the 16th international conference on World Wide Web
BINDER: an extrusion-based break-in detector for personal computers
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Brooery: a graphical environment for analysis of security-relevant network activity
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Design and implementation of netdude, a framework for packet trace manipulation
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Using runtime paths for macroanalysis
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
A first look at modern enterprise traffic
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
The power of slicing in internet flow measurement
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Predicting short-transfer latency from TCP arcana: a trace-based validation
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Building a time machine for efficient recording and retrieval of high-volume network traffic
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Collaborating against common enemies
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Measurement and analysis of spyware in a university environment
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Path-based failure and evolution management
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Using routing and tunneling to combat DoS attacks
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Reducing unwanted traffic in a backbone network
SRUTI'05 Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop
Leveraging good intentions to reduce unwanted network traffic
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
MULTOPS: a data-structure for bandwidth attack detection
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Network intrusion detection: evasion, traffic normalization, and end-to-end protocol semantics
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Denial of service via algorithmic complexity attacks
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Very fast containment of scanning worms
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Autograph: toward automated, distributed worm signature detection
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Robust TCP stream reassembly in the presence of adversaries
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
A platform for unobtrusive measurements on PlanetLab
WORLDS'06 Proceedings of the 3rd conference on USENIX Workshop on Real, Large Distributed Systems - Volume 3
Semi-supervised network traffic classification
Proceedings of the 2007 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Non-Gaussian and Long Memory Statistical Characterizations for Internet Traffic with Anomalies
IEEE Transactions on Dependable and Secure Computing
WormShield: Fast Worm Signature Generation with Distributed Fingerprint Aggregation
IEEE Transactions on Dependable and Secure Computing
Offline/realtime traffic classification using semi-supervised learning
Performance Evaluation
Grid user requirements--2004: a perspective from the trenches
Cluster Computing
Understanding passive and active service discovery
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction
Proceedings of the 14th ACM conference on Computer and communications security
Proceedings of the 14th ACM conference on Computer and communications security
Lightweight application classification for network management
Proceedings of the 2007 SIGCOMM workshop on Internet network management
Reversible sketches: enabling monitoring and analysis over high-speed data streams
IEEE/ACM Transactions on Networking (TON)
Dependency-based distributed intrusion detection
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
DPICO: a high speed deep packet inspection engine using compact finite automata
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Noninvasive Methods for Host Certification
ACM Transactions on Information and System Security (TISSEC)
ATLANTIDES: an architecture for alert verification in network intrusion detection systems
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
A generic language for application-specific flow sampling
ACM SIGCOMM Computer Communication Review
On the (un)reliability of eavesdropping
International Journal of Security and Networks
Design and analysis of a multipacket signature detection system
International Journal of Security and Networks
On-demand view materialization and indexing for network forensic analysis
NETB'07 Proceedings of the 3rd USENIX international workshop on Networking meets databases
Detector SherLOCK: Enhancing TRW with Bloom filters under memory and performance constraints
Computer Networks: The International Journal of Computer and Telecommunications Networking
Detecting worm variants using machine learning
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
A comparative analysis of web and peer-to-peer traffic
Proceedings of the 17th international conference on World Wide Web
Classification of intrusion detection alerts using abstaining classifiers
Intelligent Data Analysis
Approximate autoregressive modeling for network attack detection
Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
Hierarchical multi-pattern matching algorithm for network content inspection
Information Sciences: an International Journal
Predicting the resource consumption of network intrusion detection systems
SIGMETRICS '08 Proceedings of the 2008 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Swift: a fast dynamic packet filter
NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
A policy-aware switching layer for data centers
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
What's going on?: learning communication rules in edge networks
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Enriching network security analysis with time travel
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Deflating the big bang: fast and scalable deep packet inspection with extended finite automata
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Intrusion Detection as Passive Testing: Linguistic Support with TTCN-3 (Extended Abstract)
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Distributed Evasive Scan Techniques and Countermeasures
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Implementation Issues of Early Application Identification
AINTEC '07 Proceedings of the 3rd Asian conference on Internet Engineering: Sustainable Internet
Reducing Payload Scans for Attack Signature Matching Using Rule Classification
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
A Tool for Offline and Live Testing of Evasion Resilience in Network Intrusion Detection Systems
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Predicting the Resource Consumption of Network Intrusion Detection Systems
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
High-Speed Matching of Vulnerability Signatures
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
How healthy are today's enterprise networks?
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Vigilante: End-to-end containment of Internet worm epidemics
ACM Transactions on Computer Systems (TOCS)
Privacy oracle: a system for finding application leaks with black box differential testing
Proceedings of the 15th ACM conference on Computer and communications security
Tupni: automatic reverse engineering of input formats
Proceedings of the 15th ACM conference on Computer and communications security
DDoS attacks detection model and its application
WSEAS Transactions on Computers
Correlation-based load balancing for network intrusion detection and prevention systems
Proceedings of the 4th international conference on Security and privacy in communication networks
Tunnel Hunter: Detecting application-layer tunnels with statistical fingerprinting
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Novel Worm Detection Model Based on Host Packet Behavior Ranking
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Bridging the gap: software specification meets intrusion detector
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Using self-organizing maps to build an attack map for forensic analysis
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
An image processing approach to traffic anomaly detection
Proceedings of the 4th Asian Conference on Internet Engineering
ASSURE: automatic software self-healing using rescue points
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
DDoS-shield: DDoS-resilient scheduling to counter application layer attacks
IEEE/ACM Transactions on Networking (TON)
Comments on selecting ephemeral ports
ACM SIGCOMM Computer Communication Review
Efficient application identification and the temporal and spatial stability of classification schema
Computer Networks: The International Journal of Computer and Telecommunications Networking
TCP Reassembler for Layer7-Aware Network Intrusion Detection/Prevention Systems
IEICE - Transactions on Information and Systems
Filtering False Positives Based on Server-Side Behaviors
IEICE - Transactions on Information and Systems
An efficient analytical solution to thwart DDoS attacks in public domain
Proceedings of the International Conference on Advances in Computing, Communication and Control
Automating analysis of large-scale botnet probing events
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Extending finite automata to efficiently match Perl-compatible regular expressions
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Performance Improvement by Means of Collaboration between Network Intrusion Detection Systems
CNSR '09 Proceedings of the 2009 Seventh Annual Communication Networks and Services Research Conference
Portscan Detection with Sampled NetFlow
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
TIE: A Community-Oriented Traffic Classification Platform
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Review: Application classification using packet size distribution and port association
Journal of Network and Computer Applications
Spatio-temporal network anomaly detection by assessing deviations of empirical measures
IEEE/ACM Transactions on Networking (TON)
Identifying Modeling Errors in Signatures by Model Checking
Proceedings of the 16th International SPIN Workshop on Model Checking Software
Yataglass: Network-Level Code Emulation for Analyzing Memory-Scanning Attacks
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Impact of IT monoculture on behavioral end host intrusion detection
Proceedings of the 1st ACM workshop on Research on enterprise networking
When gossip is good: distributed probabilistic inference for detection of slow network intrusions
AAAI'06 Proceedings of the 21st national conference on Artificial intelligence - Volume 2
OpenLIDS: a lightweight intrusion detection system for wireless mesh networks
Proceedings of the 15th annual international conference on Mobile computing and networking
COD: online temporal clustering for outbreak detection
AAAI'07 Proceedings of the 22nd national conference on Artificial intelligence - Volume 1
Understanding online social network usage from a network perspective
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
On dominant characteristics of residential broadband internet traffic
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
On calibrating enterprise switch measurements
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Efficient joins with compressed bitmap indexes
Proceedings of the 18th ACM conference on Information and knowledge management
Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts
Computer Communications
Dispatcher: enabling active botnet infiltration using automatic protocol reverse-engineering
Proceedings of the 16th ACM conference on Computer and communications security
On the use of compression algorithms for the classification of IP flows
SPECTS'09 Proceedings of the 12th international conference on Symposium on Performance Evaluation of Computer & Telecommunication Systems
SecSip: a stateful firewall for SIP-based networks
IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
Exploiting Temporal Persistence to Detect Covert Botnet Channels
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
ACM Transactions on Information and System Security (TISSEC)
Data mining and machine learning-Towards reducing false positives in intrusion detection
Information Security Tech. Report
Flooding attacks detection and victim identification over high speed networks
GIIS'09 Proceedings of the Second international conference on Global Information Infrastructure Symposium
Evolving TCP/IP packets: a case study of port scans
CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
Proceedings of the Third European Workshop on System Security
Performance adaptation in real-time intrusion detection systems
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Content-based methodology for anomaly detection on the web
AWIC'03 Proceedings of the 1st international Atlantic web intelligence conference on Advances in web intelligence
Early recognition of encrypted applications
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Packet capture in 10-gigabit Ethernet environments using contemporary commodity hardware
PAM'07 Proceedings of the 8th international conference on Passive and active network measurement
Real-time behaviour profiling for network monitoring
International Journal of Internet Protocol Technology
On-line predictive load shedding for network monitoring
NETWORKING'07 Proceedings of the 6th international IFIP-TC6 conference on Ad Hoc and sensor networks, wireless networks, next generation internet
TokDoc: a self-healing web application firewall
Proceedings of the 2010 ACM Symposium on Applied Computing
Botzilla: detecting the "phoning home" of malicious software
Proceedings of the 2010 ACM Symposium on Applied Computing
The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
SpyShield: preserving privacy from spy add-ons
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
An intrusion detection method based on system call temporal serial analysis
ICIC'07 Proceedings of the intelligent computing 3rd international conference on Advanced intelligent computing theories and applications
Simulation of dynamic honeypot based redirection to counter service level DDoS attacks
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Continuous adaptive mining the thin skylines over evolving data stream
ICDCIT'07 Proceedings of the 4th international conference on Distributed computing and internet technology
Algebra for capability based attack correlation
WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
The cubicle vs. the coffee shop: behavioral modes in enterprise end-users
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
Listen too closely and you may be confused
Proceedings of the 13th international conference on Security protocols
HiFIND: A high-speed flow-level intrusion detection approach with DoS resiliency
Computer Networks: The International Journal of Computer and Telecommunications Networking
Secure multi-agent coordination in a network monitoring system
Software engineering for large-scale multi-agent systems
ReFormat: automatic reverse engineering of encrypted messages
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Automatically generating models for botnet detection
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Anomaly intrusion detection for evolving data stream based on semi-supervised learning
ICONIP'08 Proceedings of the 15th international conference on Advances in neuro-information processing - Volume Part I
Thwarting zero-day polymorphic worms with network-level length-based signature generation
IEEE/ACM Transactions on Networking (TON)
Measurement and diagnosis of address misconfigured P2P traffic
INFOCOM'10 Proceedings of the 29th conference on Information communications
Accelerating the bit-split string matching algorithm using Bloom filters
Computer Communications
NetShield: massive semantics-based vulnerability signature matching for high-speed networks
Proceedings of the ACM SIGCOMM 2010 conference
WebProphet: automating performance prediction for web services
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
Effective and efficient malware detection at the end host
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
A preliminary analysis of TCP performance in an enterprise network
INM/WREN'10 Proceedings of the 2010 internet network management conference on Research on enterprise networking
International Journal of Network Management
Packet scheduling for deep packet inspection on multi-core architectures
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
A fuzzy-based dynamic provision approach for virtualized network intrusion detection systems
AST/UCMA/ISA/ACN'10 Proceedings of the 2010 international conference on Advances in computer science and information technology
Event-driven architecture based on patterns for detecting complex attacks
International Journal of Critical Computer-Based Systems
Improving content delivery using provider-aided distance information
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Temporally oblivious anomaly detection on large networks using functional peers
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Experience with high-speed automated application-identification for network-management
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
A longitudinal view of HTTP traffic
PAM'10 Proceedings of the 11th international conference on Passive and active measurement
A log analyzer agent for intrusion detection in a multi-agent system
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part I
CANVuS: context-aware network vulnerability scanning
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
NetStore: an efficient storage infrastructure for network forensics and monitoring
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Community epidemic detection using time-correlated anomalies
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
NIDS architecture for clusters
CTS'05 Proceedings of the 2005 international conference on Collaborative technologies and systems
Mitigating DoS attack through selective bin verification
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Network intrusion detection with semantics-aware capability
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Network-wide deployment of intrusion detection and prevention systems
Proceedings of the 6th International COnference
SocialFilter: introducing social trust to collaborative spam mitigation
CollSec'10 Proceedings of the 2010 international conference on Collaborative methods for security and privacy
Optimizing Deep Packet Inspection for High-Speed Traffic Analysis
Journal of Network and Systems Management
Using constraints for intrusion detection: the NeMODe system
PADL'11 Proceedings of the 13th international conference on Practical aspects of declarative languages
Honeypot in network security: a survey
Proceedings of the 2011 International Conference on Communication, Computing & Security
A two-tier system for web attack detection using linear discriminant method
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Quantifying the accuracy of the ground truth associated with Internet traffic traces
Computer Networks: The International Journal of Computer and Telecommunications Networking
The power of one move: hashing schemes for hardware
IEEE/ACM Transactions on Networking (TON)
A semantic framework for data analysis in networked systems
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Analyzing network behaviors with knowledge acquisition and data warehousing
ICCOMP'06 Proceedings of the 10th WSEAS international conference on Computers
NAT usage in residential broadband networks
PAM'11 Proceedings of the 12th international conference on Passive and active measurement
A practical approach to portscan detection in very high-speed links
PAM'11 Proceedings of the 12th international conference on Passive and active measurement
ASAP: automatic semantics-aware analysis of network payloads
PSDML'10 Proceedings of the international ECML/PKDD conference on Privacy and security issues in data mining and machine learning
SLA-based complementary approach for network intrusion detection
Computer Communications
An assessment of overt malicious activity manifest in residential networks
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
Measuring pay-per-install: the commoditization of malware distribution
SEC'11 Proceedings of the 20th USENIX conference on Security
Telex: anticensorship in the network infrastructure
SEC'11 Proceedings of the 20th USENIX conference on Security
Frenetic: a network programming language
Proceedings of the 16th ACM SIGPLAN international conference on Functional programming
State of the Practice Reports
A Passive Network Appliance for Real-Time Network Monitoring
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
The SSL landscape: a thorough analysis of the x.509 PKI using active and passive measurements
Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference
ICICS'11 Proceedings of the 13th international conference on Information and communications security
A fast worm scan detection tool for VPN congestion avoidance
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
A compiler and run-time system for network programming languages
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
ISNN'06 Proceedings of the Third international conference on Advances in Neural Networks - Volume Part III
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Session level flow classification by packet size distribution and session grouping
Computer Networks: The International Journal of Computer and Telecommunications Networking
Design and implementation of a fast dynamic packet filter
IEEE/ACM Transactions on Networking (TON)
A sophisticated solution for revealing attacks on wireless LAN
TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
IDS false alarm reduction using continuous and discontinuous patterns
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Streams, security and scalability
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Enhancing the accuracy of network-based intrusion detection with host-based context
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Towards software-based signature detection for intrusion prevention on the network card
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
A hypothesis testing based scalable TCP scan detection
ICOIN'06 Proceedings of the 2006 international conference on Information Networking: advances in Data Communications and Wireless Networks
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Simulating content in traffic for benchmarking intrusion detection systems
Proceedings of the 4th International ICST Conference on Simulation Tools and Techniques
An efficient and unified approach to correlating, hypothesizing, and predicting intrusion alerts
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Towards an information-theoretic framework for analyzing intrusion detection systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
WIND: workload-aware INtrusion detection
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
SafeCard: a gigabit IPS on the network card
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Adaptive detection of local scanners
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Libtrace: a packet capture and analysis library
ACM SIGCOMM Computer Communication Review
Managing DFA History with Queue for Deflation DFA
Journal of Network and Systems Management
A graph mining approach for detecting unknown malwares
Journal of Visual Languages and Computing
Investigating IPv6 traffic: what happened at the world IPv6 day?
PAM'12 Proceedings of the 13th international conference on Passive and Active Measurement
Pitfalls in HTTP traffic measurements and analysis
PAM'12 Proceedings of the 13th international conference on Passive and Active Measurement
A distributed intrusion detection scheme for wireless ad hoc networks
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Web workload generation challenges - an empirical investigation
Software—Practice & Experience
Intrusion as (anti)social communication: characterization and detection
Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining
Procera: a language for high-level reactive network control
Proceedings of the first workshop on Hot topics in software defined networks
Tolerating overload attacks against packet capturing systems
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Game-theoretic resource allocation for malicious packet detection in computer networks
Proceedings of the 11th International Conference on Autonomous Agents and Multiagent Systems - Volume 2
Chimera: a declarative language for streaming network traffic analysis
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Automatic network intrusion detection: Current techniques and open issues
Computers and Electrical Engineering
Enabling content-aware traffic engineering
ACM SIGCOMM Computer Communication Review
Proceedings of the Fifth International Conference on Security of Information and Networks
Collaborative anomaly-based attack detection
IWSOS'07 Proceedings of the Second international conference on Self-Organizing Systems
Model-driven, network-context sensitive intrusion detection
MODELS'07 Proceedings of the 10th international conference on Model Driven Engineering Languages and Systems
ALERT-ID: analyze logs of the network element in real time for intrusion detection
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
A lone wolf no more: supporting network intrusion detection with real-time intelligence
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
BotFinder: finding bots in network traffic without deep packet inspection
Proceedings of the 8th international conference on Emerging networking experiments and technologies
Intelligent network security assessment with modeling and analysis of attack patterns
Security and Communication Networks
ACM SIGCOMM Computer Communication Review
An event-based packet dropping detection scheme for wireless mesh networks
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
Intelligent alarm filter using knowledge-based alert verification in network intrusion detection
ISMIS'12 Proceedings of the 20th international conference on Foundations of Intelligent Systems
NSS'12 Proceedings of the 6th international conference on Network and System Security
Re-examining the performance bottleneck in a NIDS with detailed profiling
Journal of Network and Computer Applications
A-DFA: A Time- and Space-Efficient DFA Compression Algorithm for Fast Regular Expression Evaluation
ACM Transactions on Architecture and Code Optimization (TACO)
Service-independent payload analysis to improve intrusion detection in network traffic
AusDM '08 Proceedings of the 7th Australasian Data Mining Conference - Volume 87
Computer Networks: The International Journal of Computer and Telecommunications Networking
Automatic protocol reverse-engineering: Message format extraction and field semantics inference
Computer Networks: The International Journal of Computer and Telecommunications Networking
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
A bigData platform for analytics on access control policies and logs
Proceedings of the 18th ACM symposium on Access control models and technologies
Scalanytics: a declarative multi-core platform for scalable composable traffic analytics
Proceedings of the 22nd international symposium on High-performance parallel and distributed computing
The Journal of Supercomputing
Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues
Information Sciences: an International Journal
Split/merge: system support for elastic execution in virtual middleboxes
NSDI'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
SIMPLE-fying middlebox policy enforcement using SDN
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Here's my cert, so trust me, maybe?: understanding TLS errors on the web
Proceedings of the 22nd international conference on World Wide Web
FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
On modern DNS behavior and properties
ACM SIGCOMM Computer Communication Review
Pushing CDN-ISP collaboration to the limit
ACM SIGCOMM Computer Communication Review
Scap: stream-oriented network traffic capture and analysis for high-speed networks
Proceedings of the 2013 conference on Internet measurement conference
Exploring EDNS-client-subnet adopters in your free time
Proceedings of the 2013 conference on Internet measurement conference
Administrative evaluation of intrusion detection system
Proceedings of the 2nd annual conference on Research in information technology
Toward supervised anomaly detection
Journal of Artificial Intelligence Research
Carat: collaborative energy diagnosis for mobile devices
Proceedings of the 11th ACM Conference on Embedded Networked Sensor Systems
A novel threshold-based scan detection method using genetic algorithm
Proceedings of the 6th International Conference on Security of Information and Networks
Pico replication: a high availability framework for middleboxes
Proceedings of the 4th annual Symposium on Cloud Computing
No attack necessary: the surprising dynamics of SSL trust relationships
Proceedings of the 29th Annual Computer Security Applications Conference
Improving the performance of neural networks with random forest in detecting network intrusions
ISNN'13 Proceedings of the 10th international conference on Advances in Neural Networks - Volume Part II
A scalable network forensics mechanism for stealthy self-propagating attacks
Computer Communications
A survey of intrusion detection techniques for cyber-physical systems
ACM Computing Surveys (CSUR)
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Host-Based Approach for Unknown Fast-Spreading Worm Detection and Containment
ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special Section on Best Papers from SEAMS 2012
Reviewing traffic classification
Data Traffic Monitoring and Analysis
Information Sciences: an International Journal
The company you keep: mobile malware infection rates and inexpensive risk indicators
Proceedings of the 23rd international conference on World wide web
Journal of Network and Computer Applications
A Distributed and Collaborative Intrusion Detection Architecture for Wireless Mesh Networks
Mobile Networks and Applications