This paper presents and evaluates a strategy for integrating the Snort network intrusion detection system into a high-performance programmable Ethernet network interface card (NIC...
STATL is an extensible state/transition-based attack description language designed to support intrusion detection. The language allows one to describe computer penetrations as seq...
Steve T. Eckmann, Giovanni Vigna, Richard A. Kemme...
Evolutionary computation is used to construct undetectable computer attack scripts. Using a simulated operating system, we show that scripts can be evolved to cover their tracks a...
—One of the central areas in network intrusion detection is how to build effective systems that are able to distinguish normal from intrusive traffic. In this paper we explore t...
There is often the need to update an installed Intrusion Detection System (IDS) due to new attack methods or upgraded computing environments. Since many current IDSs are construct...