— Anomaly-based intrusion detection systems have the ability of detecting novel attacks, but in real-time detection, they face the challenges of producing many false alarms and f...
Alert correlation systems are post-processing modules that enable intrusion analysts to find important alerts and filter false positives efficiently from the output of Intrusion...
A comprehensive treatment of network security. Topics include remote access security, DMZ, firewalls, VPNs, PKI architecture, X.509 Public key infrastructure, web security, S-HTTP,...
—In this paper we present a methodology for detecting traffic anomalies. To accomplish that, and as a demarcation from similar works, we combine multi-scale and multi-criteria an...
Silvia Farraposo, Philippe Owezarski, Edmundo Mont...
: I will discuss two efforts to get Intrusion Detection Systems to work together - the Common Intrusion Detection Framework (CIDF), and the IETF's working group to develop an ...