traffic analysis intrusion


Snort Install on Win2000/XP with Acid, and MySQL

White Paper Snort is a lightweight Network Intrusion Detection System, capable of performing real-time traffic analysis and packet logging on IP networks. It can be used as a Packet Sniffer, Packet Logger or Network Intrusion Detection System. [24 Feb 2004]

A Distributed Intrusion Detection Prototype Using Security Agents

White Paper The design and implementation of the Distributed Intrusion Detection prototype relies on Security Agents which monitor network traffic and report intrusion alerts to a central management node. Intrusion Detection Systems provide in depth packet... [09 Jul 2008]

Passive Operating System Identification From TCP/IP Packet Headers

White Paper Accurate operating system (OS) identification by passive network traffic analysis can continuously update less-frequent active network scans and help interpret alerts from intrusion detection systems. [06 Nov 2007]

A Hardware Platform for Network Intrusion Detection and Prevention

White Paper This paper argues that intrusion detection analysis should be distributed to Network Node IDS (NNIDS) running in hardware on the end hosts. It discusses the computation and communication characteristics of typical software intrusion detection... [09 Jul 2008]

Weaknesses in Wireless LAN Session Containment

White Paper Using the traffic analysis techniques described in this paper, an attacker can fingerprint the type of wireless LAN intrusion detection system deployed to monitor and protect the wireless network, and potentially evade the session containment... [05 Dec 2007]

The Critical Importance of Three-Dimensional Protection (3DP) in an Intrusion Prevention System

White Paper Many companies also employ network intrusion detection systems (IDS), which inspect the network traffic and report their findings to log files and databases. An increasing number of organizations, therefore, are using network intrusion prevention... [31 May 2008]

Evaluating the Viability of Intrusion Detection System Benchmarking

White Paper Intrusion detection systems are not easily constructed or maintained due to the almost daily evolution of network traffic and known exploits. This paper evaluates the DARPA-LL intrusion detection system evaluation. [09 Jul 2008]

Multidimensional Network Monitoring for Intrusion Detection

White Paper The methods of data analysis and pattern recognition presented are the basis of a technology study for an automatic intrusion detection system that detects the attack in the reconnaissance stage. Applying complex systems theory for information flow... [03 Mar 2008]

HISTORY - High-Speed Network Monitoring and Analysis

White Paper Especially the employed statistical methodologies allow the usage of History for various applications in network security such as intrusion detection and traceback. The complete architecture relies on standardized protocols such as IPFIX and PSAMP... [04 Mar 2008]

ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems

White Paper This paper presents an architecture designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. The false positives raised by the NIDS analyzing the incoming traffic (which can be either signature- or... [03 Jul 2008]

ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems

This paper presents an architecture designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. The false positives raised by the NIDS analyzing the incoming traffic (which can be either signature- or... [12 Jun 2008]

Detecting Wireless LAN MAC Address Spoofing

White Paper With this information, wireless equipment manufacturers could implement anomaly based intrusion detection systems capable of identifying MAC address spoofing to alert administrators of attacks against their networks. [03 Jul 2008]

Improving the Database Logging Performance of the Snort Network Intrusion Detection Sensor

Network intrusion detection systems have become one of several invaluable tools to safeguard critical infrastructure and information. Publicly available Network Intrusion Detection Systems (NIDS) such as Snort and Bro as well as a large number of... [03 Jun 2008]

A Framework for Malicious Workload Generation

To demonstrate the capability of MACE, the paper provides an analysis of stress tests conducted on a popular firewall and two popular network intrusion detection systems. Malicious traffic from self-propagating worms and denial-of-service attacks... [03 Jun 2008]

Zombie Scan

White Paper This sensor is running the network intrusion detection software Shadow. This paper analyzes some recent traffic that was received on a sensor residing outside our site's perimeter firewall. The methodical analysis presented demonstrates how and why... [03 Jul 2008]
