Algorithms in C: Parts 1-4, Fundamentals, Data Structures, Sorting, and Searching
Algorithms in C: Parts 1-4, Fundamentals, Data Structures, Sorting, and Searching
Service specific anomaly detection for network intrusion detection
Proceedings of the 2002 ACM symposium on Applied computing
ADeLe: an attack description language for knowledge-based intrusion detection
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
Specification-based anomaly detection: a new approach for detecting network intrusions
Proceedings of the 9th ACM conference on Computer and communications security
Practical automated detection of stealthy portscans
Journal of Computer Security
Agile and scalable analysis of network events
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurement
Designing a Web of Highly-Configurable Intrusion Detection Sensors
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
System Health and Intrusion Monitoring Using a Hierarchy of Constraints
RAID '00 Proceedings of the 4th International Symposium on Recent Advances in Intrusion Detection
Decentralized Event Correlation for Intrusion Detection
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
Learning Fingerprints for a Database Intrusion Detection System
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
An Intrusion Detection System for Aglets
MA '02 Proceedings of the 6th International Conference on Mobile Agents
Specialized Hardware for Deep Network Packet Filtering
FPL '02 Proceedings of the Reconfigurable Computing Is Going Mainstream, 12th International Conference on Field-Programmable Logic and Applications
Learning nonstationary models of normal network traffic for detecting novel attacks
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Proceedings of the 25th International Conference on Software Engineering
Internet security and intrusion detection
Proceedings of the 25th International Conference on Software Engineering
Formal Specification of Intrusion Signatures and Detection Rules
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
A pipelined memory architecture for high throughput network processors
Proceedings of the 30th annual international symposium on Computer architecture
Log Auditing through Model-Checking
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Markov Chains, Classifiers, and Intrusion Detection
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Lightweight agents for intrusion detection
Journal of Systems and Software
Designing and implementing a family of intrusion detection systems
Proceedings of the 9th European software engineering conference held jointly with 11th ACM SIGSOFT international symposium on Foundations of software engineering
Alert aggregation in mobile ad hoc networks
WiSe '03 Proceedings of the 2nd ACM workshop on Wireless security
Genetic Programming and Evolvable Machines
Learning attack strategies from intrusion alerts
Proceedings of the 10th ACM conference on Computer and communications security
Anomaly detection of web-based attacks
Proceedings of the 10th ACM conference on Computer and communications security
Enhancing byte-level network intrusion detection signatures with context
Proceedings of the 10th ACM conference on Computer and communications security
An analysis of Internet chat systems
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Bitmap algorithms for counting active flows on high speed links
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Sketch-based change detection: methods, evaluation, and applications
Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement
Learning Rules for Anomaly Detection of Hostile Network Traffic
ICDM '03 Proceedings of the Third IEEE International Conference on Data Mining
Network traffic anomaly detection based on packet bytes
Proceedings of the 2003 ACM symposium on Applied computing
Towards NIC-based intrusion detection
Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining
Automated tools to implement and test Internet systems in reconfigurable hardware
ACM SIGCOMM Computer Communication Review
Honeycomb: creating intrusion detection signatures using honeypots
ACM SIGCOMM Computer Communication Review
Measuring normality in HTTP traffic for anomaly-based intrusion detection
Computer Networks: The International Journal of Computer and Telecommunications Networking
A fast string-matching algorithm for network processor-based intrusion detection system
ACM Transactions on Embedded Computing Systems (TECS)
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Characteristics of internet background radiation
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Introducing scalability in network measurement: toward 10 Gbps with commodity hardware
Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Automatic analysis of firewall and network intrusion detection system configurations
Proceedings of the 2004 ACM workshop on Formal methods in security engineering
SnortView: visualization system of snort logs
Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Toward understanding distributed blackhole placement
Proceedings of the 2004 ACM workshop on Rapid malcode
Operational experiences with high-volume network intrusion detection
Proceedings of the 11th ACM conference on Computer and communications security
Testing network-based intrusion detection signatures using mutant exploits
Proceedings of the 11th ACM conference on Computer and communications security
Web tap: detecting covert web traffic
Proceedings of the 11th ACM conference on Computer and communications security
I know my network: collaboration and expertise in intrusion detection
CSCW '04 Proceedings of the 2004 ACM conference on Computer supported cooperative work
Self-regenerative software components
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
A Comprehensive Approach to Intrusion Detection Alert Correlation
IEEE Transactions on Dependable and Secure Computing
Hardware and Binary Modification Support for Code Pointer Protection From Buffer Overflow
Proceedings of the 37th annual IEEE/ACM International Symposium on Microarchitecture
Analyzing Distributed Denial of Service Tools: The Shaft Case
LISA '00 Proceedings of the 14th USENIX conference on System administration
Efficient packet classification for network intrusion detection using FPGA
Proceedings of the 2005 ACM/SIGDA 13th international symposium on Field-programmable gate arrays
Change-Point Monitoring for the Detection of DoS Attacks
IEEE Transactions on Dependable and Secure Computing
Network-based Intrusion Detection-Modeling for a Larger Picture
LISA '02 Proceedings of the 16th USENIX conference on System administration
LISA '04 Proceedings of the 18th USENIX conference on System administration
Some Issues in Solving the Anomaly Detection Problem using Immunological Approach
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 6 - Volume 07
Defending Distributed Systems Against Malicious Intrusions and Network Anomalies
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
WMPI '04 Proceedings of the 3rd workshop on Memory performance issues: in conjunction with the 31st international symposium on computer architecture
Configurable string matching hardware for speeding up intrusion detection
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
SPANIDS: a scalable network intrusion detection loadbalancer
Proceedings of the 2nd conference on Computing frontiers
HyperSpector: virtual distributed monitoring environments for secure intrusion detection
Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments
A High Throughput String Matching Architecture for Intrusion Detection and Prevention
Proceedings of the 32nd annual international symposium on Computer Architecture
A multi-model approach to the detection of web-based attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
The taser intrusion recovery system
Proceedings of the twentieth ACM symposium on Operating systems principles
Architectural impact of stateful networking applications
Proceedings of the 2005 ACM symposium on Architecture for networking and communications systems
Controlling the effects of anomalous ARP behaviour on ethernet networks
CoNEXT '05 Proceedings of the 2005 ACM conference on Emerging network experiment and technology
Automatic diagnosis and response to memory corruption vulnerabilities
Proceedings of the 12th ACM conference on Computer and communications security
Ontology-based knowledge fusion framework using graph partitioning
IEA/AIE'2003 Proceedings of the 16th international conference on Developments in applied artificial intelligence
An Active Splitter Architecture for Intrusion Detection and Prevention
IEEE Transactions on Dependable and Secure Computing
Modeling the data-dependent performance of pattern-matching architectures
Proceedings of the 2006 ACM/SIGDA 14th international symposium on Field programmable gate arrays
Measuring intrusion detection capability: an information-theoretic approach
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Optimization of regular expression pattern matching circuits on FPGA
Proceedings of the conference on Design, automation and test in Europe: Designers' forum
Bit-split string-matching engines for intrusion detection and prevention
ACM Transactions on Architecture and Code Optimization (TACO)
A Scalable Architecture For High-Throughput Regular-Expression Pattern Matching
Proceedings of the 33rd annual international symposium on Computer Architecture
A formal approach to sensor placement and configuration in a network intrusion detection system
Proceedings of the 2006 international workshop on Software engineering for secure systems
An anomaly-driven reverse proxy for web applications
Proceedings of the 2006 ACM symposium on Applied computing
Immune anomaly detection enhanced with evolutionary paradigms
Proceedings of the 8th annual conference on Genetic and evolutionary computation
An evaluation technique for network intrusion detection systems
InfoScale '06 Proceedings of the 1st international conference on Scalable information systems
Description of bad-signatures for network intrusion detection
ACSW Frontiers '06 Proceedings of the 2006 Australasian workshops on Grid computing and e-research - Volume 54
STARMINE: a visualization system for cyber attacks
APVis '06 Proceedings of the 2006 Asia-Pacific Symposium on Information Visualisation - Volume 60
Detecting evasion attacks at high speeds without reassembly
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Algorithms to accelerate multiple regular expressions matching for deep packet inspection
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Resource-aware multi-format network security data storage
Proceedings of the 2006 SIGCOMM workshop on Large-scale attack defense
Is sampled data sufficient for anomaly detection?
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
binpac: a yacc for writing application protocol parsers
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Approximate fingerprinting to accelerate pattern matching
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Signature metrics for accurate and automated worm detection
Proceedings of the 4th ACM workshop on Recurring malcode
Evading network anomaly detection systems: formal reasoning and practical techniques
Proceedings of the 13th ACM conference on Computer and communications security
An effective defense against email spam laundering
Proceedings of the 13th ACM conference on Computer and communications security
Advanced algorithms for fast and scalable deep packet inspection
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
WormTerminator: an effective containment of unknown and polymorphic fast spreading worms
Proceedings of the 2006 ACM/IEEE symposium on Architecture for networking and communications systems
Traffic classification through simple statistical fingerprinting
ACM SIGCOMM Computer Communication Review
Modeling network intrusion detection alerts for correlation
ACM Transactions on Information and System Security (TISSEC)
Bitmap algorithms for counting active flows on high-speed links
IEEE/ACM Transactions on Networking (TON)
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
NetHost-sensor: Monitoring a target host's application via system calls
Information Security Tech. Report
Learning DFA representations of HTTP for protecting web applications
Computer Networks: The International Journal of Computer and Telecommunications Networking
SweetBait: Zero-hour worm detection and containment using low- and high-interaction honeypots
Computer Networks: The International Journal of Computer and Telecommunications Networking
Anomaly detection in TCP/IP networks using immune systems paradigm
Computer Communications
Conservative vs. optimistic parallelization of stateful network intrusion detection
Proceedings of the 12th ACM SIGPLAN symposium on Principles and practice of parallel programming
Software—Practice & Experience
RAAS: a reliable analyzer and archiver for snort intrusion detection system
Proceedings of the 2007 ACM symposium on Applied computing
Ourmon and network monitoring performance
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Brooery: a graphical environment for analysis of security-relevant network activity
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Design and implementation of netdude, a framework for packet trace manipulation
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Joint data streaming and sampling techniques for detection of super sources and destinations
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
The power of slicing in internet flow measurement
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
Data reduction for the scalable automated analysis of distributed darknet traffic
IMC '05 Proceedings of the 5th ACM SIGCOMM conference on Internet Measurement
NetViewer: a network traffic visualization and analysis tool
LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Contract-based load management in federated distributed systems
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
FFPF: fairly fast packet filters
OSDI'04 Proceedings of the 6th conference on Symposium on Operating Systems Design & Implementation - Volume 6
Tracking the role of adversaries in measuring unwanted traffic
SRUTI'06 Proceedings of the 2nd conference on Steps to Reducing Unwanted Traffic on the Internet - Volume 2
Detecting targeted attacks using shadow honeypots
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Hybrid Intrusion Detection with Weighted Signature Generation over Anomalous Internet Episodes
IEEE Transactions on Dependable and Secure Computing
WormShield: Fast Worm Signature Generation with Distributed Fingerprint Aggregation
IEEE Transactions on Dependable and Secure Computing
An overview of anomaly detection techniques: Existing solutions and latest technological trends
Computer Networks: The International Journal of Computer and Telecommunications Networking
Dendritic cells for SYN scan detection
Proceedings of the 9th annual conference on Genetic and evolutionary computation
Challenging the anomaly detection paradigm: a provocative discussion
NSPW '06 Proceedings of the 2006 workshop on New security paradigms
Weighting versus pruning in rule validation for detecting network and host anomalies
Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining
Honey@home: a new approach to large-scale threat monitoring
Proceedings of the 2007 ACM workshop on Recurring malcode
Querying the internet with PIER
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Dependency-based distributed intrusion detection
DETER Proceedings of the DETER Community Workshop on Cyber Security Experimentation and Test on DETER Community Workshop on Cyber Security Experimentation and Test 2007
Dependable security: testing network intrusion detection systems
HotDep'07 Proceedings of the 3rd workshop on Hot Topics in System Dependability
Ruler: high-speed packet matching and rewriting on NPUs
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Optimization of pattern matching algorithm for memory based architecture
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
An improved algorithm to accelerate regular expression evaluation
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Curing regular expressions matching algorithms from insomnia, amnesia, and acalculia
Proceedings of the 3rd ACM/IEEE Symposium on Architecture for networking and communications systems
Biologically-inspired Complex Adaptive Systems approaches to Network Intrusion Detection
Information Security Tech. Report
Deep network packet filter design for reconfigurable devices
ACM Transactions on Embedded Computing Systems (TECS)
Reconfigurable content-based router using hardware-accelerated language parser
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Implementing high-speed string matching hardware for network intrusion detection systems
Proceedings of the 16th international ACM/SIGDA symposium on Field programmable gate arrays
NetADHICT: a tool for understanding network traffic
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
ATLANTIDES: an architecture for alert verification in network intrusion detection systems
LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
Information Assurance: Dependability and Security in Networked Systems
Information Assurance: Dependability and Security in Networked Systems
Regular Expression Matching in Reconfigurable Hardware
Journal of Signal Processing Systems
Wireless and physical security via embedded sensor networks
WiSec '08 Proceedings of the first ACM conference on Wireless network security
Syntax vs. semantics: competing approaches to dynamic network intrusion detection
International Journal of Security and Networks
International Journal of Information and Computer Security
On-demand view materialization and indexing for network forensic analysis
NETB'07 Proceedings of the 3rd USENIX international workshop on Networking meets databases
BotHunter: detecting malware infection through IDS-driven dialog correlation
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Proximity breeds danger: emerging threats in metro-area wireless networks
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Detector SherLOCK: Enhancing TRW with Bloom filters under memory and performance constraints
Computer Networks: The International Journal of Computer and Telecommunications Networking
A hybrid finite automaton for practical deep packet inspection
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Detecting worm variants using machine learning
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Exact multi-pattern string matching on the cell/b.e. processor
Proceedings of the 5th conference on Computing frontiers
Principled reasoning and practical applications of alert fusion in intrusion detection systems
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Reconstructing system state for intrusion analysis
ACM SIGOPS Operating Systems Review
Automatic analysis of firewall and network intrusion detection system configurations
Journal of Computer Security - Formal Methods in Security Engineering Workshop (FMSE 04)
Approximate autoregressive modeling for network attack detection
Journal of Computer Security - Privacy, Security and Trust (PST) Technologies: Evolution and Challenges
LISABETH: automated content-based signature generator for zero-day polymorphic worms
Proceedings of the fourth international workshop on Software engineering for secure systems
Hierarchical multi-pattern matching algorithm for network content inspection
Information Sciences: an International Journal
Predicting the resource consumption of network intrusion detection systems
SIGMETRICS '08 Proceedings of the 2008 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Optimization of pattern matching circuits for regular expression on FPGA
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Efficient signature based malware detection on mobile devices
Mobile Information Systems
Two layer Denial of Service prevention on SIP VoIP infrastructures
Computer Communications
FPGA based string matching for network processing applications
Microprocessors & Microsystems
LOBSTER: a European platform for passive network traffic monitoring
Proceedings of the 4th International Conference on Testbeds and research infrastructures for the development of networks & communities
Statistical techniques for detecting traffic anomalies through packet header data
IEEE/ACM Transactions on Networking (TON)
Enriching network security analysis with time travel
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Deflating the big bang: fast and scalable deep packet inspection with extended finite automata
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Multilevel Pattern Matching Architecture for Network Intrusion Detection and Prevention System
ICESS '07 Proceedings of the 3rd international conference on Embedded Software and Systems
Sensing Attacks in Computers Networks with Hidden Markov Models
MLDM '07 Proceedings of the 5th international conference on Machine Learning and Data Mining in Pattern Recognition
Distributed Evasive Scan Techniques and Countermeasures
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Reducing Payload Scans for Attack Signature Matching Using Rule Classification
ACISP '08 Proceedings of the 13th Australasian conference on Information Security and Privacy
Automata-Theoretic Analysis of Bit-Split Languages for Packet Scanning
CIAA '08 Proceedings of the 13th international conference on Implementation and Applications of Automata
The Problem of False Alarms: Evaluation with Snort and DARPA 1999 Dataset
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
Gnort: High Performance Network Intrusion Detection Using Graphics Processors
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Predicting the Resource Consumption of Network Intrusion Detection Systems
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
High-Speed Matching of Vulnerability Signatures
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
A Comparative Evaluation of Anomaly Detectors under Portscan Attacks
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Context-aware clustering of DNS query traffic
Proceedings of the 8th ACM SIGCOMM conference on Internet measurement
Design, Debug, Deploy: The Creation of Configurable Computing Applications
Journal of Signal Processing Systems
Vigilante: End-to-end containment of Internet worm epidemics
ACM Transactions on Computer Systems (TOCS)
Thwarting E-mail Spam Laundering
ACM Transactions on Information and System Security (TISSEC)
A data mining approach for analysis of worm activity through automatic signature generation
Proceedings of the 1st ACM workshop on Workshop on AISec
Real-time data pre-processing technique for efficient feature extraction in large scale datasets
Proceedings of the 17th ACM conference on Information and knowledge management
Correlation-based load balancing for network intrusion detection and prevention systems
Proceedings of the 4th international conference on Security and privacy in communication networks
Tunnel Hunter: Detecting application-layer tunnels with statistical fingerprinting
Computer Networks: The International Journal of Computer and Telecommunications Networking
Design of a scalable network programming framework
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Efficient regular expression evaluation: theory to practice
Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
A Self-learning System for Detection of Anomalous SIP Messages
Principles, Systems and Applications of IP Telecommunications. Services and Security for Next Generation Networks
A Novel Worm Detection Model Based on Host Packet Behavior Ranking
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
Anomaly Detection of Hostile Traffic Based on Network Traffic Distributions
Information Networking. Towards Ubiquitous Networking and Services
Fast Signature Matching Using Extended Finite Automaton (XFA)
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Incorporation of Application Layer Protocol Syntax into Anomaly Detection
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
A Parallel Architecture for Stateful, High-Speed Intrusion Detection
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
Intrusion detection alarms reduction using root cause analysis and clustering
Computer Communications
Principles for developing comprehensive network visibility
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Fast packet classification for Snort by native compilation of rules
LISA'08 Proceedings of the 22nd conference on Large installation system administration conference
SS'08 Proceedings of the 17th conference on Security symposium
Approximate autoregressive modeling for network attack detection
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Bridging the gap: software specification meets intrusion detector
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
An image processing approach to traffic anomaly detection
Proceedings of the 4th Asian Conference on Internet Engineering
ACS'08 Proceedings of the 8th conference on Applied computer science
IEEE/ACM Transactions on Networking (TON)
FDF: Frequency detection-based filtering of scanning worms
Computer Communications
Efficient application identification and the temporal and spatial stability of classification schema
Computer Networks: The International Journal of Computer and Telecommunications Networking
A hybrid intrusion detection system design for computer network security
Computers and Electrical Engineering
Proceedings of the Second European Workshop on System Security
Proceedings of the Second European Workshop on System Security
FPGA-Based Intrusion Detection System for 10 Gigabit Ethernet
IEICE - Transactions on Information and Systems
TCP Reassembler for Layer7-Aware Network Intrusion Detection/Prevention Systems
IEICE - Transactions on Information and Systems
Filtering False Positives Based on Server-Side Behaviors
IEICE - Transactions on Information and Systems
An efficient analytical solution to thwart DDoS attacks in public domain
Proceedings of the International Conference on Advances in Computing, Communication and Control
Extending finite automata to efficiently match Perl-compatible regular expressions
CoNEXT '08 Proceedings of the 2008 ACM CoNEXT Conference
Journal of Computer Security - Best papers of the Sec Track at the 2006 ACM Symposium
Performance Improvement by Means of Collaboration between Network Intrusion Detection Systems
CNSR '09 Proceedings of the 2009 Seventh Annual Communication Networks and Services Research Conference
Processing intrusion detection alert aggregates with time series modeling
Information Fusion
Portscan Detection with Sampled NetFlow
TMA '09 Proceedings of the First International Workshop on Traffic Monitoring and Analysis
Scan Surveillance in Internet Networks
NETWORKING '09 Proceedings of the 8th International IFIP-TC 6 Networking Conference
Fast Packet Classification Using Condition Factorization
ACNS '09 Proceedings of the 7th International Conference on Applied Cryptography and Network Security
Review: Application classification using packet size distribution and port association
Journal of Network and Computer Applications
Reconfigurable Computing: The Theory and Practice of FPGA-Based Computation
Reconfigurable Computing: The Theory and Practice of FPGA-Based Computation
Using Artificial Intelligence for Intrusion Detection
Proceedings of the 2007 conference on Emerging Artificial Intelligence Applications in Computer Engineering: Real Word AI Systems with Applications in eHealth, HCI, Information Retrieval and Pervasive Technologies
Spatio-temporal network anomaly detection by assessing deviations of empirical measures
IEEE/ACM Transactions on Networking (TON)
Entropy based adaptive flow aggregation
IEEE/ACM Transactions on Networking (TON)
Intrusion Detection System for Denial-of-Service flooding attacks in SIP communication networks
International Journal of Security and Networks
Yataglass: Network-Level Code Emulation for Analyzing Memory-Scanning Attacks
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Defending Browsers against Drive-by Downloads: Mitigating Heap-Spraying Code Injection Attacks
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Learning SQL for Database Intrusion Detection Using Context-Sensitive Modelling (Extended Abstract)
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Support Vector Machines for TCP traffic classification
Computer Networks: The International Journal of Computer and Telecommunications Networking
High-speed string matching for network intrusion detection
International Journal of Communication Networks and Distributed Systems
Information fusion for anomaly detection with the dendritic cell algorithm
Information Fusion
When gossip is good: distributed probabilistic inference for detection of slow network intrusions
AAAI'06 proceedings of the 21st national conference on Artificial intelligence - Volume 2
OpenLIDS: a lightweight intrusion detection system for wireless mesh networks
Proceedings of the 15th annual international conference on Mobile computing and networking
COD: online temporal clustering for outbreak detection
AAAI'07 Proceedings of the 22nd national conference on Artificial intelligence - Volume 1
A scalable multi-core aware software architecture for high-performance network monitoring
Proceedings of the 2nd international conference on Security of information and networks
Optimized memory based accelerator for scalable pattern matching
Microprocessors & Microsystems
Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts
Computer Communications
A multi-model approach to the detection of web-based attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking - Web security
Dynamic policy model for target based intrusion detection system
Proceedings of the 2nd International Conference on Interaction Sciences: Information Technology, Culture and Human
On the use of compression algorithms for the classification of IP flows
SPECTS'09 Proceedings of the 12th international conference on Symposium on Performance Evaluation of Computer & Telecommunication Systems
Human interface for cyber security anomaly detection systems
HSI'09 Proceedings of the 2nd conference on Human System Interactions
Panacea: Automating Attack Classification for Anomaly-Based Network Intrusion Detection Systems
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Regular Expression Matching on Graphics Hardware for Intrusion Detection
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Multi-byte Regular Expression Matching with Speculation
RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
Intrusion Detection Based on Back-Propagation Neural Network and Feature Selection Mechanism
FGIT '09 Proceedings of the 1st International Conference on Future Generation Information Technology
DROP: Detecting Return-Oriented Programming Malicious Code
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
An intrusion detection sensor for the NetVM virtual processor
ICOIN'09 Proceedings of the 23rd international conference on Information Networking
Per flow packet sampling for high-speed network monitoring
COMSNETS'09 Proceedings of the First international conference on COMmunication Systems And NETworks
Experimenting with an Intrusion Detection System for Encrypted Networks
International Journal of Business Intelligence and Data Mining
Flooding attacks detection and victim identification over high speed networks
GIIS'09 Proceedings of the Second international conference on Global Information Infrastructure Symposium
Applying Kernel methods to anomaly based intrusion detection systems
GIIS'09 Proceedings of the Second international conference on Global Information Infrastructure Symposium
Optimizing anomaly detector deployment under evolutionary black-box vulnerability testing
CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
Evolving TCP/IP packets: a case study of port scans
CISDA'09 Proceedings of the Second IEEE international conference on Computational intelligence for security and defense applications
Proceedings of the International Conference and Workshop on Emerging Trends in Technology
Proceedings of the Third European Workshop on System Security
MIRA: a distributed and scalable WAN/LAN real-time measurement platform
QofIS'02/ICQT'02 Proceedings of the 3rd international conference on quality of future internet services and internet charging and QoS technologies 2nd international conference on From QoS provisioning to QoS charging
Detecting long connection Chains of interactive terminal sessions
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
A mission-impact-based approach to INFOSEC alarm correlation
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Evaluation of the diagnostic capabilities of commercial intrusion detection systems
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Performance adaptation in real-time intrusion detection systems
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Accurate buffer overflow detection via abstract payload execution
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Distributed intrusion prevention in active and extensible networks
IWAN'04 Proceedings of the 6th IFIP TC6 international working conference on Active networks
Towards identifying true threat from network security data
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
Synthesis of regular expressions targeting FPGAs: current status and open issues
ARC'07 Proceedings of the 3rd international conference on Reconfigurable computing: architectures, tools and applications
Prototyping an armored data vault rights management on Big Brother's computer
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
An intrusion detection based on support vector machines with a voting weight schema
IEA/AIE'07 Proceedings of the 20th international conference on Industrial, engineering, and other applications of applied intelligent systems
Detection and analysis of drive-by-download attacks and malicious JavaScript code
Proceedings of the 19th international conference on World wide web
TokDoc: a self-healing web application firewall
Proceedings of the 2010 ACM Symposium on Applied Computing
Botzilla: detecting the "phoning home" of malicious software
Proceedings of the 2010 ACM Symposium on Applied Computing
Filesystem activity following a SSH compromise: an empirical study of file sequences
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
The NIDS cluster: scalable, stateful network intrusion detection on commodity hardware
RAID'07 Proceedings of the 10th international conference on Recent advances in intrusion detection
The DecoyPort: redirecting hackers to honeypots
NBiS'07 Proceedings of the 1st international conference on Network-based information systems
Botnet traffic detection techniques by C&C session classification using SVM
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Combining heterogeneous classifiers for network intrusion detection
ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
Workload characterization of stateful networking applications
ISHPC'05/ALPS'06 Proceedings of the 6th international symposium on high-performance computing and 1st international conference on Advanced low power systems
MDH: a high speed multi-phase dynamic hash string matching algorithm for large-scale pattern set
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Efficient pattern matching on GPUs for intrusion detection systems
Proceedings of the 7th ACM international conference on Computing frontiers
Using unsupervised learning for network alert correlation
Canadian AI'08 Proceedings of the Canadian Society for computational studies of intelligence, 21st conference on Advances in artificial intelligence
Algebra for capability based attack correlation
WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
Anomaly detection in IP networks with principal component analysis
ISCIT'09 Proceedings of the 9th international conference on Communications and information technologies
A reactive measurement framework
PAM'08 Proceedings of the 9th international conference on Passive and active network measurement
Misconfigurations discovery between distributed security components using the mobile agent approach
Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services
Secure multi-agent coordination in a network monitoring system
Software engineering for large-scale multi-agent systems
On the use of computational geometry to detect software faults at runtime
Proceedings of the 7th international conference on Autonomic computing
Optimizing network anomaly detection scheme using instance selection mechanism
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
A new data streaming method for locating hosts with large connection degree
GLOBECOM'09 Proceedings of the 28th IEEE conference on Global telecommunications
Automatically generating models for botnet detection
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Extracting attack sessions from real traffic with intrusion prevention systems
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Identifying the use of data/voice/video-based P2P traffic by DNS-query behavior
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
An automatic and dynamic parameter tuning of a statistic-based anomaly detection algorithm
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Policy-based security configuration management application to intrusion detection and prevention
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Anomaly detection through packet header data
ICICS'09 Proceedings of the 7th international conference on Information, communications and signal processing
Accelerating the bit-split string matching algorithm using Bloom filters
Computer Communications
A DSL for intrusion detection based on constraint programming
Proceedings of the 3rd international conference on Security of information and networks
NOZZLE: a defense against heap-spraying code injection attacks
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Extensible and scalable network monitoring using OpenSAFE
INM/WREN'10 Proceedings of the 2010 internet network management conference on Research on enterprise networking
International Journal of Network Management
An evaluation of automatic parameter tuning of a statistics-based anomaly detection algorithm
International Journal of Network Management
Unsupervised host behavior classification from connection patterns
International Journal of Network Management
Cost-aware systemwide intrusion defense via online forensics and on-demand detector deployment
Proceedings of the 3rd ACM workshop on Assurable and usable security configuration
Mapping the urban wireless landscape with Argos
Proceedings of the 8th ACM Conference on Embedded Networked Sensor Systems
Ultra-high throughput string matching for deep packet inspection
Proceedings of the Conference on Design, Automation and Test in Europe
Packet scheduling for deep packet inspection on multi-core architectures
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
The case for hardware transactional memory in software packet processing
Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Temporally oblivious anomaly detection on large networks using functional peers
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
OverCourt: DDoS mitigation through credit-based traffic segregation and path migration
Computer Communications
Cyber-critical infrastructure protection using real-time payload-based anomaly detection
CRITIS'09 Proceedings of the 4th international conference on Critical information infrastructures security
State-based network intrusion detection systems for SCADA protocols: a proof of concept
CRITIS'09 Proceedings of the 4th international conference on Critical information infrastructures security
Semi-supervised learning for false alarm reduction
ICDM'10 Proceedings of the 10th industrial conference on Advances in data mining: applications and theoretical aspects
Evaluating regular expression matching engines on network and general purpose processors
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Theoretic analysis of finite automata for memory-based pattern matching
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Parallelization of Snort on a multi-core platform
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
Experience with high-speed automated application-identification for network-management
Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems
D(e|i)aling with VoIP: robust prevention of DIAL attacks
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Improving NFA-based signature matching using ordered binary decision diagrams
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Automatic discovery of parasitic malware
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
CANVuS: context-aware network vulnerability scanning
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
NetStore: an efficient storage infrastructure for network forensics and monitoring
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
NIDS architecture for clusters
CTS'05 Proceedings of the 2005 international conference on Collaborative technologies and systems
A nonself space approach to network anomaly detection
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Network intrusion detection with semantics-aware capability
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Network intrusion detection: dead or alive?
Proceedings of the 26th Annual Computer Security Applications Conference
Neural visualization of network traffic data for intrusion detection
Applied Soft Computing
Optimizing Deep Packet Inspection for High-Speed Traffic Analysis
Journal of Network and Systems Management
Accuracy improving guidelines for network anomaly detection systems
Journal in Computer Virology
Efficient detection of the return-oriented programming malicious code
ICISS'10 Proceedings of the 6th international conference on Information systems security
Efficient pattern matching algorithm for memory architecture
IEEE Transactions on Very Large Scale Integration (VLSI) Systems
Using constraints for intrusion detection: the NeMODe system
PADL'11 Proceedings of the 13th international conference on Practical aspects of declarative languages
Honeypot in network security: a survey
Proceedings of the 2011 International Conference on Communication, Computing & Security
Selective regular expression matching
ISC'10 Proceedings of the 13th international conference on Information security
Fusing intrusion data for detection and containment
MILCOM'03 Proceedings of the 2003 IEEE conference on Military communications - Volume II
Deterministic finite automata characterization and optimization for scalable pattern matching
ACM Transactions on Architecture and Code Optimization (TACO)
Experiences with string matching on the fermi architecture
ARCS'11 Proceedings of the 24th international conference on Architecture of computing systems
Automatic construction of jump-oriented programming shellcode (on the x86)
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Network scan detection with LQS: a lightweight, quick and stateful algorithm
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Deep packet pre-filtering and finite state encoding for adaptive intrusion detection system
Computer Networks: The International Journal of Computer and Telecommunications Networking
A hadoop-based packet trace processing tool
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
ASAP: automatic semantics-aware analysis of network payloads
PSDML'10 Proceedings of the international ECML/PKDD conference on Privacy and security issues in data mining and machine learning
Inoculation against malware infection using kernel-level software sensors
Proceedings of the 8th ACM international conference on Autonomic computing
Towards vulnerability-based intrusion detection with event processing
Proceedings of the 5th ACM international conference on Distributed event-based system
An artificial intelligence membrane to detect network intrusion
Artificial Life and Robotics
Network monitoring with constraint programming: preliminary specification and analysis
INAP'09 Proceedings of the 18th international conference on Applications of declarative programming and knowledge management
A fast pattern matching algorithm with multi-byte search unit for high-speed network security
Computer Communications
Testing ensembles for intrusion detection: On the identification of mutated network scans
CISIS'11 Proceedings of the 4th international conference on Computational intelligence in security for information systems
Fast, memory-efficient regular expression matching with NFA-OBDDs
Computer Networks: The International Journal of Computer and Telecommunications Networking
An assessment of overt malicious activity manifest in residential networks
DIMVA'11 Proceedings of the 8th international conference on Detection of intrusions and malware, and vulnerability assessment
Multi-stage change-point detection scheme for large-scale simultaneous events
Computer Communications
ZOZZLE: fast and precise in-browser JavaScript malware detection
SEC'11 Proceedings of the 20th USENIX conference on Security
Multi-core application performance optimization using a constrained tandem queueing model
Journal of Network and Computer Applications
Learning web application firewall - benefits and caveats
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Floguard: cost-aware systemwide intrusion defense via online forensics and on-demand IDS deployment
SAFECOMP'11 Proceedings of the 30th international conference on Computer safety, reliability, and security
MIDeA: a multi-parallel intrusion detection architecture
Proceedings of the 18th ACM conference on Computer and communications security
Expert Systems with Applications: An International Journal
AC-Suffix-Tree: Buffer Free String Matching on Out-of-Sequence Packets
Proceedings of the 2011 ACM/IEEE Seventh Symposium on Architectures for Networking and Communications Systems
ICICS'11 Proceedings of the 13th international conference on Information and communications security
What a webserver can learn from a zebra and what we learned in the process
CHIMIT '11 Proceedings of the 5th ACM Symposium on Computer Human Interaction for Management of Information Technology
Detecting malware's failover C&C strategies with squeeze
Proceedings of the 27th Annual Computer Security Applications Conference
Nexat: a history-based approach to predict attacker actions
Proceedings of the 27th Annual Computer Security Applications Conference
Proposals on assessment environments for anomaly-based network intrusion detection systems
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Towards filtering and alerting rule rewriting on single-component policies
SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Signature-Aware traffic monitoring with IPFIX
APNOMS'06 Proceedings of the 9th Asia-Pacific international conference on Network Operations and Management: management of Convergence Networks and Services
Network-Level polymorphic shellcode detection using emulation
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
Detecting unknown network attacks using language models
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
On the importance of header classification in HW/SW network intrusion detection systems
PCI'05 Proceedings of the 10th Panhellenic conference on Advances in Informatics
Design and implementation of FPGA based high-performance intrusion detection system
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Session level flow classification by packet size distribution and session grouping
Computer Networks: The International Journal of Computer and Telecommunications Networking
Detection of DDoS attacks using optimized traffic matrix
Computers & Mathematics with Applications
Fit a compact spread estimator in small high-speed memory
IEEE/ACM Transactions on Networking (TON)
Self debugging mode for patch-independent nullification of unknown remote process infection
CANS'05 Proceedings of the 4th international conference on Cryptology and Network Security
FPGA based intrusion detection system against unknown and known attacks
PRIMA'06 Proceedings of the 9th Pacific Rim international conference on Agent Computing and Multi-Agent Systems
A high-performance network monitoring platform for intrusion detection
ICOIN'05 Proceedings of the 2005 international conference on Information Networking: convergence in broadband and mobile networking
CIPS: coordinated intrusion prevention system
ICOIN'05 Proceedings of the 2005 international conference on Information Networking: convergence in broadband and mobile networking
IDS false alarm reduction using continuous and discontinuous patterns
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
Applying genetic programming to evolve learned rules for network anomaly detection
ICNC'05 Proceedings of the First international conference on Advances in Natural Computation - Volume Part III
Intrusion detection: introduction to intrusion detection and security information management
Foundations of Security Analysis and Design III
The system modeling for detections of new malicious codes
PARA'04 Proceedings of the 7th international conference on Applied Parallel Computing: state of the Art in Scientific Computing
USAID: unifying signature-based and anomaly-based intrusion detection
PAKDD'05 Proceedings of the 9th Pacific-Asia conference on Advances in Knowledge Discovery and Data Mining
Improving the performance of signature-based network intrusion detection sensors by multi-threading
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Improving the efficiency of misuse detection
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Enhancing the accuracy of network-based intrusion detection with host-based context
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
COTS diversity based intrusion detection and application to web servers
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Towards software-based signature detection for intrusion prevention on the network card
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Polymorphic worm detection using structural information of executables
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Enforcing security with behavioral fingerprinting
Proceedings of the 7th International Conference on Network and Services Management
Toward the accurate identification of network applications
PAM'05 Proceedings of the 6th international conference on Passive and Active Network Measurement
FPL-3: towards language support for distributed packet processing
NETWORKING'05 Proceedings of the 4th IFIP-TC6 international conference on Networking Technologies, Services, and Protocols; Performance of Computer and Communication Networks; Mobile and Wireless Communication Systems
Anomaly internet network traffic detection by kernel principle component classifier
ISNN'05 Proceedings of the Second international conference on Advances in Neural Networks - Volume Part III
FPL-3E: towards language support for reconfigurable packet processing
SAMOS'05 Proceedings of the 5th international conference on Embedded Computer Systems: architectures, Modeling, and Simulation
An efficient and unified approach to correlating, hypothesizing, and predicting intrusion alerts
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
APHIDS++: evolution of a programmable hybrid intrusion detection system
MATA'05 Proceedings of the Second international conference on Mobility Aware Technologies and Applications
Port scan behavior diagnosis by clustering
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Analysis of policy anomalies on distributed network security setups
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Towards an information-theoretic framework for analyzing intrusion detection systems
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Live traffic monitoring with tstat: capabilities and experiences
WWIC'10 Proceedings of the 8th international conference on Wired/Wireless Internet Communications
HTTPHunting: an IBR approach to filtering dangerous HTTP Traffic
ICDM'06 Proceedings of the 6th Industrial Conference on Data Mining conference on Advances in Data Mining: applications in Medicine, Web Mining, Marketing, Image and Signal Mining
Enhancing network intrusion detection with integrated sampling and filtering
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
WIND: workload-aware INtrusion detection
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
SafeCard: a gigabit IPS on the network card
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Adaptive detection of local scanners
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Predictive pattern matching for scalable network intrusion detection
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
Deterministic finite automata characterization for memory-based pattern matching
ICICS'09 Proceedings of the 11th international conference on Information and Communications Security
MOVICAB-IDS: visual analysis of network traffic data streams for intrusion detection
IDEAL'06 Proceedings of the 7th international conference on Intelligent Data Engineering and Automated Learning
Indices of power in optimal IDS default configuration: theory and examples
GameSec'11 Proceedings of the Second international conference on Decision and Game Theory for Security
Enhanced network traffic anomaly detector
ICDCIT'05 Proceedings of the Second international conference on Distributed Computing and Internet Technology
FAST'05 Proceedings of the Third international conference on Formal Aspects in Security and Trust
Detecting computer worms in the cloud
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
Towards a multiagent-based distributed intrusion detection system using data mining approaches
ADMI'11 Proceedings of the 7th international conference on Agents and Data Mining Interaction
DarkNOC: dashboard for honeypot management
LISA'11 Proceedings of the 25th international conference on Large Installation System Administration
Using active intrusion detection to recover network trust
LISA'11 Proceedings of the 25th international conference on Large Installation System Administration
Anomaly detection methods in wired networks: a survey and taxonomy
Computer Communications
Intrusion detection techniques and approaches
Computer Communications
Virtual indexing based methods for estimating node connection degrees
Computer Networks: The International Journal of Computer and Telecommunications Networking
Intrusion as (anti)social communication: characterization and detection
Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining
Making middleboxes someone else's problem: network processing as a cloud service
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
Tolerating overload attacks against packet capturing systems
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
A prefiltering approach to regular expression matching for network security systems
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
Chimera: a declarative language for streaming network traffic analysis
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Automatic network intrusion detection: Current techniques and open issues
Computers and Electrical Engineering
Making middleboxes someone else's problem: network processing as a cloud service
ACM SIGCOMM Computer Communication Review - Special october issue SIGCOMM '12
Kargus: a highly-scalable software-based intrusion detection system
Proceedings of the 2012 ACM conference on Computer and communications security
RT-MOVICAB-IDS: Addressing real-time intrusion detection
Future Generation Computer Systems
Towards automatic assembly of privacy-preserved intrusion signatures
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
E-NIPS: an event-based network intrusion prediction system
ISC'07 Proceedings of the 10th international conference on Information Security
Malacoda: towards high-level compilation of network security applications on reconfigurable hardware
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
NetStage/DPR: A self-reconfiguring platform for active and passive network security operations
Microprocessors & Microsystems
ATPS: adaptive threat prevention system for high-performance intrusion detection and response
APNOMS'07 Proceedings of the 10th Asia-Pacific conference on Network Operations and Management Symposium: managing next generation networks and services
SDFA: series DFA for memory-efficient regular expression matching
CIAA'12 Proceedings of the 17th international conference on Implementation and Application of Automata
ALERT-ID: analyze logs of the network element in real time for intrusion detection
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
A lone wolf no more: supporting network intrusion detection with real-time intelligence
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Bot detection evasion: a case study on local-host alert correlation bot detection methods
Security and Communication Networks
Revisiting network scanning detection using sequential hypothesis testing
Security and Communication Networks
Jarhead analysis and detection of malicious Java applets
Proceedings of the 28th Annual Computer Security Applications Conference
SQL injection detection via program tracing and machine learning
IDCS'12 Proceedings of the 5th international conference on Internet and Distributed Computing Systems
Toward scalable internet traffic measurement and analysis with Hadoop
ACM SIGCOMM Computer Communication Review
CSS'12 Proceedings of the 4th international conference on Cyberspace Safety and Security
Intelligent alarm filter using knowledge-based alert verification in network intrusion detection
ISMIS'12 Proceedings of the 20th international conference on Foundations of Intelligent Systems
NSS'12 Proceedings of the 6th international conference on Network and System Security
Wild-Inspired Intrusion Detection System Framework for High Speed Networks f|p IDS Framework
International Journal of Information Security and Privacy
SIPAD: SIP-VoIP Anomaly Detection using a Stateful Rule Tree
Computer Communications
ADMIRE: Anomaly detection method using entropy-based PCA with three-step sketches
Computer Communications
A-DFA: A Time- and Space-Efficient DFA Compression Algorithm for Fast Regular Expression Evaluation
ACM Transactions on Architecture and Code Optimization (TACO)
Effective bot host detection based on network failure models
Computer Networks: The International Journal of Computer and Telecommunications Networking
The Journal of Supercomputing
Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues
Information Sciences: an International Journal
Split/merge: system support for elastic execution in virtual middleboxes
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Dynamic expressivity with static optimization for streaming languages
Proceedings of the 7th ACM international conference on Distributed event-based systems
adsvm: pre-processor plug-in using support vector machine algorithm for Snort
Proceedings of the First International Conference on Security of Internet of Things
Towards application classification with vulnerability signatures for IDS/IPS
Proceedings of the First International Conference on Security of Internet of Things
An OpenFlow-based architecture for IaaS security
Proceedings of the 3rd International Conference on Application and Theory of Automation in Command and Control Systems
Analyzing and defending against web-based malware
ACM Computing Surveys (CSUR)
Scap: stream-oriented network traffic capture and analysis for high-speed networks
Proceedings of the 2013 conference on Internet measurement conference
Modelling distributed network attacks with constraints
International Journal of Bio-Inspired Computation
Administrative evaluation of intrusion detection system
Proceedings of the 2nd annual conference on Research in information technology
Toward supervised anomaly detection
Journal of Artificial Intelligence Research
Real-time malware detection framework in intrusion detection systems
Proceedings of the 2013 Research in Adaptive and Convergent Systems
A novel threshold-based scan detection method using genetic algorithm
Proceedings of the 6th International Conference on Security of Information and Networks
A pattern-matching scheme with high throughput performance and low memory requirement
IEEE/ACM Transactions on Networking (TON)
IEEE/ACM Transactions on Networking (TON)
Improving the performance of neural networks with random forest in detecting network intrusions
ISNN'13 Proceedings of the 10th international conference on Advances in Neural Networks - Volume Part II
Line speed accurate superspreader identification using dynamic error compensation
Computer Communications
A scalable network forensics mechanism for stealthy self-propagating attacks
Computer Communications
Semantic security against web application attacks
Information Sciences: an International Journal
Managing the network with Merlin
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
Fast and flexible: parallel packet processing with GPUs and click
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
Picking pesky parameters: optimizing regular expression matching in practice
ANCS '13 Proceedings of the ninth ACM/IEEE symposium on Architectures for networking and communications systems
Data-parallel finite-state machines
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Host-Based Approach for Unknown Fast-Spreading Worm Detection and Containment
ACM Transactions on Autonomous and Adaptive Systems (TAAS) - Special Section on Best Papers from SEAMS 2012
Reviewing traffic classification
Data Traffic Monitoring and Analysis
Information Sciences: an International Journal
A grand spread estimator using a graphics processing unit
Journal of Parallel and Distributed Computing
SHAPE--an approach for self-healing and self-protection in complex distributed networks
The Journal of Supercomputing
Journal of Network and Computer Applications
Alert correlation: Severe attack prediction and controlling false alarm rate tradeoffs
Intelligent Data Analysis
A Speculative Parallel DFA Membership Test for Multicore, SIMD and Cloud Computing Environments
International Journal of Parallel Programming
Network intrusion detection systems (NIDS) are an important part of any network security architecture. They provide a layer of defense which monitors network traffic for predefined suspicious activity or patterns, and alerts system administrators when potentially hostile traffic is detected. Commercial NIDS have many differences, but Information Systems departments must face the commonalities that they share, such as significant system footprint, complex deployment and high monetary cost. Snort was designed to address these issues.