Network intrusion detection and prevention systems are vulnerable to evasion by attackers who craft ambiguous traffic to breach the defense of such systems. A normalizer is an inl...
In this work we consider the problem of monitoring information streams for anomalies in a scalable and efficient manner. We study the problem in the context of network streams wher...
We propose a method to verify the result of attacks detected by signature-based network intrusion detection systems using lightweight protocol analysis. The observation is that ne...
A clear deficiency in most of today's Anomaly Intrusion Detection Systems (AIDS) is their inability to distinguish between a new form of legitimate normal behavior and ...
The deployment of sensor networks in security- and safety-critical environments requires secure communication primitives. In this paper, we design, implement, and evaluate a new s...
Bryan Parno, Mark Luk, Evan Gaustad, Adrian Perrig