Recent work has shown that conventional operating system audit trails are insufficient to detect low-level network attacks. Because audit trails are typically based upon system c...
We present an architecture1 designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. Our technique is based on a systematic (and a...
In last decades there have been many proposals from the machine learning community in the intrusion detection field. One of the main problems that Intrusion Detection Systems (IDSs...
eXpert-BSM is a real time forward-reasoning expert system that analyzes Sun Solaris audit trails. Based on many years of intrusion detection research, eXpert-BSM's knowledge ...
Abstract. In this work we present a NIDS cluster as a scalable solution for realizing high-performance, stateful network intrusion detection on commodity hardware. The design addre...
Matthias Vallentin, Robin Sommer, Jason Lee, Craig...