The Kerf Toolkit for Intrusion Analysis

Authors:
Javed Aslam;Sergey Bratus;David Kotz;Ron Peterson;Brett Tofel;Daniela Rus
Affiliations:
Northeastern University;Dartmouth College;Dartmouth College;Dartmouth College;Dartmouth College;Massachusetts Institute of Technology
Venue:
IEEE Security and Privacy
Year:
2004

Citing 8
Cited 0

STATL: an attack language for state-based intrusion detection

Journal of Computer Security
ASAX: Software Architecture and Rule-Based Language for Universal Audit Trail Analysis

ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
Mnemosyne: Designing and Implementing Network Short-Term Memory

ICECCS '02 Proceedings of the Eighth International Conference on Engineering of Complex Computer Systems
Validation of Sensor Alert Correlators

IEEE Security and Privacy
The Honeynet Project: Trapping the Hackers

IEEE Security and Privacy
A secure station for network monitoring and control

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Analyzing intensive intrusion alerts via correlation

RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
M2D2: a formal data model for IDS alert correlation

RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection

Quantified Score

Hi-index	0.00

Visualization

Abstract

To aid system administrators with post-attack intrusion analysis, the Kerf toolkit provides an integrated front end and powerful correlation and data-representation tools, all in one package.