Sciweavers

RAID
2007
Springer
14 years 6 months ago
Exploiting Execution Context for the Detection of Anomalous System Calls
Attacks against privileged applications can be detected by analyzing the stream of system calls issued during process execution. In the last few years, several approaches have been...
Darren Mutz, William K. Robertson, Giovanni Vigna,...
RAID
2007
Springer
14 years 6 months ago
The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware
Abstract. In this work we present a NIDS cluster as a scalable solution for realizing high-performance, stateful network intrusion detection on commodity hardware. The design addre...
Matthias Vallentin, Robin Sommer, Jason Lee, Craig...
RAID
2007
Springer
14 years 6 months ago
Understanding Precision in Host Based Intrusion Detection
Abstract. Many host-based anomaly detection systems monitor process execution at the granularity of system calls. Other recently proposed schemes instead verify the destinations of...
Monirul I. Sharif, Kapil Singh, Jonathon T. Giffin...
RAID
2007
Springer
14 years 6 months ago
SpyShield: Preserving Privacy from Spy Add-Ons
Spyware infections are becoming extremely pervasive, posing a grave threat to Internet users’ privacy. Control of such an epidemic is increasingly difficult for the existing def...
Zhuowei Li, XiaoFeng Wang, Jong Youl Choi
RAID
2007
Springer
14 years 6 months ago
Vortex: Enabling Cooperative Selective Wormholing for Network Security Systems
We present a novel approach to remote traffic aggregation for Network Intrusion Detection Systems (NIDS) called Cooperative Selective Wormholing (CSW). Our approach works by select...
John R. Lange, Peter A. Dinda, Fabián E. Bu...
RAID
2007
Springer
14 years 6 months ago
Comparing Anomaly Detection Techniques for HTTP
Much data access occurs via HTTP, which is becoming a universal transport protocol. Because of this, it has become a common exploit target and several HTTP specific IDSs have been...
Kenneth L. Ingham, Hajime Inoue
RAID
2007
Springer
14 years 6 months ago
Advanced Allergy Attacks: Does a Corpus Really Help?
Abstract. As research in automatic signature generators (ASGs) receives more attention, various attacks against these systems are being identified. One of these attacks is the “...
Simon P. Chung, Aloysius K. Mok
RAID
2007
Springer
14 years 6 months ago
Emulation-Based Detection of Non-self-contained Polymorphic Shellcode
Network-level emulation has recently been proposed as a method for the accurate detection of previously unknown polymorphic code injection attacks. In this paper, we extend network...
Michalis Polychronakis, Kostas G. Anagnostakis, Ev...
RAID
2007
Springer
14 years 6 months ago
Swaddler: An Approach for the Anomaly-Based Detection of State Violations in Web Applications
In recent years, web applications have become tremendously popular, and nowadays they are routinely used in security-critical environments, such as medical, financial, and milita...
Marco Cova, Davide Balzarotti, Viktoria Felmetsger...