We have built a system for protecting Internet services to securely connected, known users. It implements a generate-and-test approach for on-line attack identification and uses s...
James C. Reynolds, James E. Just, Larry A. Clough,...
: - Modern intrusion detection systems are comprised of three basically different approaches, host based, network based, and a third relatively recent addition called procedural ba...
This paper describes a specification-based approach to detect exploitations of vulnerabdities in securitycritical programs. The approach utilizes security specifications that desc...
We describe the formalization of a correctness proof for a conflict detection algorithm for firewalls in the Coq Proof Assistant. First, we give formal definitions in Coq of a fir...
Venanzio Capretta, Bernard Stepien, Amy P. Felty, ...
Storage-based intrusion detection allows storage systems to transparently watch for suspicious activity. Storage systems are well-positioned to spot several common intruder action...
Adam G. Pennington, John Linwood Griffin, John S. ...