Accurate identification of misuse is a key factor in determining appropriate ways to protect systems. Modern intrusion detection systems often use alerts from different sources su...
Ternary content-addressable memories (TCAMs) have gained wide acceptance in the industry for storing and searching patterns in routers. But two important problems block the way to...
STATL is an extensible state/transition-based attack description language designed to support intrusion detection. The language allows one to describe computer penetrations as seq...
Steve T. Eckmann, Giovanni Vigna, Richard A. Kemme...
We consider Cooperative Intrusion Detection System (CIDS) which is a distributed AIS-based (Artificial Immune System) IDS where nodes collaborate over a peer-to-peer overlay netwo...
Abstract--Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security sy...