We present and evaluate a NIC-based network intrusion detection system. Intrusion detection at the NIC makes the system potentially tamper-proof and is naturally extensible to wor...
Matthew Eric Otey, Srinivasan Parthasarathy, Amol ...
Misuse-based intrusion detection systems rely on models of attacks to identify the manifestation of intrusive behavior. Therefore, the ability of these systems to reliably detect ...
Giovanni Vigna, William K. Robertson, Davide Balza...
In this paper we present a structured methodology for evaluating cost of responses based on three factors: the response operational cost associated with the daily maintenance of t...
Chris Strasburg, Natalia Stakhanova, Samik Basu, J...
—The complexity of modern networked information systems, as well as all the defense-in-depth best practices, require distributed intrusion detection architectures relying on the ...
Nearly all present-day commercial intrusion detection systems are based on a hierarchical architecture. Nodes at the bottom of the hierarchy collect information, which is passed t...