This paper presents the Intrusion Detection toolkit (IDtk), an information visualization tool for intrusion detection (ID). IDtk was developed through a user-centered design proce...
Computer forensic analysis, intrusion detection and disaster recovery are all dependent on the existence of trustworthy log files. Current storage systems for such log files are...
Node misbehavior in wireless ad hoc networks leads to sudden unpredictable changes in network topology, resulting in fluctuation of traffic load and capacity for already existin...
Svetlana Radosavac, John S. Baras, George V. Moust...
Protocol reverse engineering is the process of extracting application-level specifications for network protocols. Such specifications are very helpful in a number of security-re...
Gilbert Wondracek, Paolo Milani Comparetti, Christ...
A key step in the semantic analysis of network traffic is to parse the traffic stream according to the high-level protocols it contains. This process transforms raw bytes into s...
Ruoming Pang, Vern Paxson, Robin Sommer, Larry L. ...