attack alert
Internet blacklisting tool unveiled
News The researchers said: "Traditional blacklisting approaches, such as GWOL, treat these two attackers equally, therefore, ignore the characteristics of individual networks shown in the alert history. DShield is a community-based system that... [28 Jul 2008]
Hypothesizing and Reasoning About Attacks Missed by Intrusion Detection Systems
White Paper Several alert correlation methods have been proposed over the past several years to construct high-level attack scenarios from low-level intrusion alerts reported by Intrusion Detection Systems (IDSs). [10 Jul 2008]
Automatic Backdoor Analysis With a Network Intrusion Detection System and an Integrated Service Checker
White Paper This approach reduces the amount of false alerts (false positives) and raises the quality of the alert report. They are a gateway to launch exploits, gain super-user access to hosts in the internal network and to use the attacked network as a... [10 Jul 2008]
Introduction to ngrep: Packet Signatures
White Paper When the attack has identifiable fixed strings of characters, the signature is reasonably straightforward: alert tcp $EXTERNAL_NET any -> $HOME_NET 21 \ msg:"FTP EXPLOIT wu-ftpd 2.6.0"; flags: A+; \ content: "2e2e3131venglin@";reference:arachnids... [03 Jul 2008]
Adaptive Alert Throttling for Intrusion Detection Systems
White Paper Although these types of attack are very hard to stop completely, the aim is to present techniques that improve alert throughput and capacity to such an extent that the resources required to successfully mount the attack become prohibitive. [19 Jun 2008]
Strategic Alert Throttling for Intrusion Detection Systems
White Paper Although these types of attacks are very hard to stop completely, the aim is to present techniques that improve alert throughput and capacity to such an extent that the resources required to successfully mount the attack become prohibitive. [18 Jun 2008]
A Distributed Host-Based Worm Detection System
White Paper A cooperative alert sharing protocol coupled with distributed sequential hypothesis testing is implemented to generate global alarms about distributed attacks. The system's response is evaluated in the presence of a variety of false alarm... [18 Jun 2008]
Enriching Intrusion Alerts Through Multi-Host Causality
White Paper This paper shows how to enrich an IDS alert with information about how those alerts causally lead to or result from other events in the system. By enriching IDS alerts with this type of causal information, one can leverage existing IDS alerts to... [21 May 2008]
Distinguishing False From True Alerts in Snort by Data Mining Patterns of Alerts
White Paper A classical clustering algorithm, implemented based on this distance measure, is then applied to group the alert patterns into clusters. In addition, it usually only warns of a potential attack without stating what kind of attack it might be. [21 May 2008]
Real-Time Multistage Attack Awareness Through Enhanced Intrusion Alert Clustering
White Paper However, the volume of the alerts generated in typical networks makes real-time attack scenario comprehension difficult. This paper presents an attack-stage oriented classification of alerts using Snort as an example, and demonstrates that this... [11 Apr 2008]
Android shows hack attack vulnerabilities
News Core Security published an alert on its website stating it had found eight vulnerabilities related to some open source image processing libraries in Google's Android SDK, which the group claims are outdated. [06 Mar 2008]
Photos: Driving safety through tech
Photo This shows the alert which drivers will see displayed on their sat-nav devices, warning of impending hazards. Some of the projects include technology to improve road safety, boost the appeal of IPTV and to protect VoIP networks from attack. [21 Jan 2008]
Bot attacks target those looking for romance
News Although the program is currently targeting Russian websites, PC Tools is urging people in chat rooms and social networks elsewhere to be on the alert for such attacks. Robot chatters are just one type of social-engineering attack that uses... [10 Dec 2007]
Phishers snare Salesforce.com data
News It said it is monitoring and analysing logs to be able to alert customers who have been, or could still be, affected by the incident, and added it is "reinforcing [employee] security education, and tightening access policies within Salesforce.com". [08 Nov 2007]
Worst week for viruses in a year?
News Email users should be on alert for messages with "love"-related subject lines and an executable attachment that would contain a Trojan virus, as well as messages with "Worm Alert! Ken Dunham, director of VeriSign's Rapid Response Team, said in a... [16 Apr 2007]
