Intrusion Detection Systems (IDS) have become widely used tools for ensuring system and network security. Among many other challenges, contemporary IDS have to cope with increasin...
Many network intrusion detection systems (NIDS) use byte sequences as signatures to detect malicious activity. While being highly efficient, they tend to suffer from a high false...
1 A new method for detecting anomalies in the usage of protocols in computer networks is presented in this work. The proposed methodology is applied to TCP and disposed in two step...
We present an architecture1 designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. Our technique is based on a systematic (and a...
Current trends demonstrate an increasing use of polymorphism by attackers to disguise their exploits. The ability for malicious code to be easily, and automatically, transformed in...
Yingbo Song, Michael E. Locasto, Angelos Stavrou, ...