Sciweavers

ACSAC
2004
IEEE
14 years 4 months ago
Detecting Attacks That Exploit Application-Logic Errors Through Application-Level Auditing
Host security is achieved by securing both the operating system kernel and the privileged applications that run on top of it. Application-level bugs are more frequent than kernel-...
Jingyu Zhou, Giovanni Vigna
ACSAC
2004
IEEE
14 years 4 months ago
Reasoning About Complementary Intrusion Evidence
This paper presents techniques to integrate and reason about complementary intrusion evidence such as alerts generated by intrusion detection systems (IDSs) and reports by system ...
Yan Zhai, Peng Ning, Purush Iyer, Douglas S. Reeve...
ACSAC
2004
IEEE
14 years 4 months ago
Alert Correlation through Triggering Events and Common Resources
Complementary security systems are widely deployed in networks to protect digital assets. Alert correlation is essential to understanding the security threats and taking appropria...
Dingbang Xu, Peng Ning
ACSAC
2004
IEEE
14 years 4 months ago
An Intrusion Detection Tool for AODV-Based Ad hoc Wireless Networks
Mobile ad hoc network routing protocols are highly susceptible to subversion. Previous research in securing these protocols has typically used techniques based on encryption and r...
Giovanni Vigna, Sumit Gwalani, Kavitha Srinivasan,...
ACSAC
2004
IEEE
14 years 4 months ago
A Serial Combination of Anomaly and Misuse IDSes Applied to HTTP Traffic
Combining an "anomaly" and a "misuse" IDSes offers the advantage of separating the monitored events between normal, intrusive or unqualified classes (ie not kn...
Elvis Tombini, Hervé Debar, Ludovic M&eacut...
ACSAC
2004
IEEE
14 years 4 months ago
Towards Secure Design Choices for Implementing Graphical Passwords
We study the impact of selected parameters on the size of the password space for "Draw-A-Secret" (DAS) graphical passwords. We examine the role of and relationships betw...
Julie Thorpe, Paul C. van Oorschot
ACSAC
2004
IEEE
14 years 4 months ago
Static Analyzer of Vicious Executables (SAVE)
Software security assurance and malware (trojans, worms, and viruses, etc.) detection are important topics of information security. Software obfuscation, a general technique that ...
Andrew H. Sung, Jianyun Xu, Patrick Chavez, Sriniv...
ACSAC
2004
IEEE
14 years 4 months ago
Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis
1 A number of recent applications have been built on distributed hash tables (DHTs) based overlay networks. Almost all DHT-based schemes employ a tight deterministic data placement...
Mudhakar Srivatsa, Ling Liu
ACSAC
2004
IEEE
14 years 4 months ago
Nabs: A System for Detecting Resource Abuses via Characterization of Flow Content Type
One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using u...
Kulesh Shanmugasundaram, Mehdi Kharrazi, Nasir D. ...
ACSAC
2004
IEEE
14 years 4 months ago
Automatic Generation and Analysis of NIDS Attacks
A common way to elude a signature-based NIDS is to transform an attack instance that the NIDS recognizes into another instance that it misses. For example, to avoid matching the a...
Shai Rubin, Somesh Jha, Barton P. Miller