signature nids
ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems
White Paper The false positives raised by the NIDS analyzing the incoming traffic (which can be either signature- or anomaly-based) are reduced by correlating them with the output anomalies. This paper presents an... [03 Jul 2008]
Elephant: Network Intrusion Detection Systems That Don't Forget
White Paper Using the open-source NIDS Snort, it presents Elephant, an approach and implementation for updating rule-sets that provides a way to cause Snort to enter a safe quiescent point, load the new rules into memory, and remove... [30 Jun 2008]
Improvement and Implementation of Network Intrusion Detection System
White Paper To improve the speed and accuracy of detection, this paper first analyzes the NIDS, then presents and implements two improved schemes from string matching algorithms and the structure of intrusion... [25 Jun 2008]
Automatic Generation and Analysis of NIDS Attacks
White Paper A common way to elude a signature-based NIDS is to transform an attack instance that the NIDS recognizes into another instance that it misses. For example, to avoid matching the attack... [05 Jun 2008]
Exclusion-Based Signature Matching for Intrusion Detection
White Paper String matching computations dominate in the overall cost of running a NIDS, despite the use of efficient general-purpose string matching algorithms. Aiming at increasing the efficiency and capacity of NIDSes, the paper... [05 Jun 2008]
Exclusion-Based Signature Matching for Intrusion Detection
String matching computations dominate in the overall cost of running a NIDS, despite the use of efficient general-purpose string matching algorithms. Aiming at increasing the efficiency and capacity of NIDSes, the paper... [03 Jun 2008]
Automatic Generation and Analysis of NIDS Attacks
A common way to elude a signature-based NIDS is to transform an attack instance that the NIDS recognizes into another instance that it misses. For example, to avoid matching the attack... [03 Jun 2008]
Enhancing Byte-Level Network Intrusion Detection Signatures With Context
White Paper When designing an efficient signature engine for the NIDS Bro, the paper provides low-level context by using regular expressions for matching, and high-level context by taking advantage of the semantic... [22 May 2008]
NetSpy: Automatic Generation of Spyware Signatures for NIDS
White Paper If classified as spyware, NetSpy also generates a signature characterizing the malicious substrate of the spyware's network behavior. Such a signature can be used by network intrusion detection systems... [06 Jul 2007]
