A network telescope is a portion of the IP address space which is devoted to observing inbound internet traffic. The purpose of a network telescope is to detect and log malicious ...
Uli Harder, Matt W. Johnson, Jeremy T. Bradley, Wi...
—The feature selection phase is one of the first, and yet very important, tasks to be completed during the development of any Intrusion Detection System. If this phase is neglec...
Network intrusion detection has been generally dealt with using sophisticated software and statistical analysis, although sometimes it has to be done by administrators, either by d...
Lei Qi, Miguel Vargas Martin, Bill Kapralos, Mark ...
Abstract—We introduce a game-theoretic framework for reasoning about bandwidth attacks, a common form of distributed denial of service (DDoS) attacks. In particular, our traffic...
Host-based Intrusion Detection Systems (IDS) that rely on audit data exhibit a delay between attack execution and attack detection. A knowledgeable attacker can use this delay to d...