Dynamic Protocol Analysis for Network Intrusion Detection Systems

Category: Security

Tags: open source

Overview

Many Network Intrusion Detection Systems (NIDSs) perform application-layer protocol analysis. These systems typically infer the protocol from the ports in the TCP or UDP headers. This technique is not reliable, since many protocols do not use fixed ports. Better methods exist for identifying the application-layer protocol in use, e.g. signatures. This paper presents the design and implementation of an architecture for NIDSs that supports the integration of these advanced methods for dynamic protocol analysis. The design is also suitable for analyzing tunneled connections. The implementation for the open source system Bro uses its existing signature matching engine as an additional protocol detection method.

Publisher: TECHNICAL UNIVERSITY OF MUNICH
File Format: PDF
Date Published: Jun 18, 2008
Format: White Papers
Topics: Intrusion Detection Systems, Network Security, Security Tools

Similar White Papers

A Neural Network Based System for Intrusion Detection and Classification of Attacks

With the rapid expansion of computer networks during the past decade, security has become a crucial issue for computer s

Publisher: Queen's University  |  Tags: network

Security: New strides in preventing intrusions.

Need help eliminating risk in your IT environment? This ForwardView webshow describes how security appliances, which inc

Publisher: IBM

ATLANTIDES: An Architecture for Alert Verification in Network Intrusion Detection Systems

This paper presents an architecture designed for alert verification (i.e., to reduce false positives) in network intrus

Publisher: University of Twente  |  Tags: false positives, network, server

Using Artificial Intelligence in Intrusion Detection Systems

Artificial Intelligence could make the use of Intrusion Detection Systems a lot easier than it is today. They could lear

Publisher: Helsinki University of Technology

Detecting and Preventing Attacks Using Network Intrusion Detection Systems

Intrusion detection is an important technology in business sector as well as an active area of research. It is an import

Publisher: Sathyabama University  |  Tags: information security, network

TECHNICAL UNIVERSITY OF MUNICH White Papers

Resilient Routing Using MPLS and ECMP

The increasing commercial importance of the Internet together with a rising number of real-time and mission-critical app

Publisher: TECHNICAL UNIVERSITY OF MUNICH  |  Tags: applications, ip, mpls, network, real-time