Remote physical device fingerprinting
We introduce the area of remote physical device fingerprinting, or fingerprinting a physical
device, as opposed to an operating system or class of devices, remotely, and without the …
device, as opposed to an operating system or class of devices, remotely, and without the …
A framework for classifying denial of service attacks
A Hussain, J Heidemann… - Proceedings of the 2003 …, 2003 - dl.acm.org
Launching a denial of service (DoS) attack is trivial, but detection and response is a painfully
slow and often a manual process. Automatic classification of attacks as single-or multi …
slow and often a manual process. Automatic classification of attacks as single-or multi …
A lustrum of malware network communication: Evolution and insights
Both the operational and academic security communities have used dynamic analysis
sandboxes to execute malware samples for roughly a decade. Network information derived …
sandboxes to execute malware samples for roughly a decade. Network information derived …
Monitoring the initial DNS behavior of malicious domains
S Hao, N Feamster, R Pandrangi - Proceedings of the 2011 ACM …, 2011 - dl.acm.org
Attackers often use URLs to advertise scams or propagate malware. Because the reputation
of a domain can be used to identify malicious behavior, miscreants often register these …
of a domain can be used to identify malicious behavior, miscreants often register these …
The dynamics of internet traffic: self-similarity, self-organization, and complex phenomena
RD Smith - Advances in Complex Systems, 2011 - World Scientific
The Internet is one of the largest and most complex communication and information
exchange networks ever created. Therefore, its dynamics and traffic unsurprisingly take on a …
exchange networks ever created. Therefore, its dynamics and traffic unsurprisingly take on a …
Modeling oscillation behavior of network traffic by nested hidden Markov model with variable state-duration
Network traffic modeling is a fundamental problem in communication. A traffic model should
be able to capture and reproduce various properties of a real trace. Despite the widespread …
be able to capture and reproduce various properties of a real trace. Despite the widespread …
[PDF][PDF] An internet-wide view into DNS lookup patterns
S Hao, N Feamster, R Pandrangi - School of Computer Science, Georgia …, 2010 - Citeseer
This paper analyzes the DNS lookup patterns from a large authoritative top-level domain
server and characterizes how the lookup patterns for unscrupulous domains may differ from …
server and characterizes how the lookup patterns for unscrupulous domains may differ from …
[PDF][PDF] Identification of repeated denial of service attacks
A Hussain, J Heidemann… - … 2006. 25TH IEEE …, 2006 - webcluster.cs.columbia.edu
Denial of Service attacks have become a weapon for extortion and vandalism causing
damages in the millions of dollars to commercial and government sites. Legal prosecution is …
damages in the millions of dollars to commercial and government sites. Legal prosecution is …
Cyberseer: 3d audio-visual immersion for network security and management
Large complex networks have become an inseparable part of modern society. However,
very little has been done to develop tools to manage and ensure the security of such …
very little has been done to develop tools to manage and ensure the security of such …
Reducing DNS caching
SN Bhatti, R Atkinson - 2011 IEEE Conference on Computer …, 2011 - ieeexplore.ieee.org
Motivated by our ongoing work exploring an alternative Internet architecture, we wish to
make use of naming services in order to support functionality such as: host and network …
make use of naming services in order to support functionality such as: host and network …