Comparative survey of local honeypot sensors to assist network forensics

PT Chen, CS Laih, F Pouget… - … Workshop on Systematic …, 2005 - ieeexplore.ieee.org
This paper intends to illustrate the usefulness of deploying multiple simple honeypot sensors
in a large variety of locations. Indeed, a permanent identification of anomalies that occur on …

A study of the relationship between antivirus regressions and label changes

I Gashi, B Sobesto, S Mason… - 2013 IEEE 24th …, 2013 - ieeexplore.ieee.org
AntiVirus (AV) products use multiple components to detect malware. A component which is
found in virtually all AVs is the signature-based detection engine: this component assigns a …

A network telescope for early warning intrusion detection

P Chatziadam, IG Askoxylakis… - … , HAS 2014, Held as Part of …, 2014 - Springer
Proactive cyber-security tools provide basic protection as today's cyber-criminals utilize
legitimate traffic to perform attacks and remain concealed quite often until it is too late. As …

DarkNOC: dashboard for honeypot management

B Sobesto, M Cukier, M Hiltunen, D Kormann… - 25th Large Installation …, 2011 - usenix.org
Protecting computer and information systems from security attacks is becoming an
increasingly important task for system administrators. Honeypots are a technology often …

The use of packet inter-arrival times for investigating unsolicited Internet traffic

J Zimmermann, A Clark, G Mohay… - … to Digital Forensic …, 2005 - ieeexplore.ieee.org
Monitoring the Internet reveals incessant activity, that has been referred to as background
radiation. In this paper, we propose an original approach that makes use of packet inter …

Comparing detection capabilities of antivirus products: an empirical study with different versions of products from the same vendors

A Algaith, I Gashi, B Sobesto, M Cukier… - 2016 46th Annual …, 2016 - ieeexplore.ieee.org
In this paper we report results of an empirical analysis of the detection capabilities of 9
AntiVirus (AV) products when they were subjected to 3605 malware samples collected on an …

Retargeting JIT compilers by using C-compiler generated executable code

MA Ertl, D Gregg - Proceedings. 13th International Conference …, 2004 - ieeexplore.ieee.org
JIT compilers produce fast code, whereas interpreters are easy to port between
architectures. We propose to combine the advantages of these language implementation …

SGNET: a distributed infrastructure to handle zero-day exploits

C Leita, M Dacier, G Wicherski - Institut Eurecom, France, Tech. Rep …, 2007 - eurecom.fr
This work builds upon the Leurré.com infrastructure and the Scriptgen technology. Leurré.com
is a worldwide distributed setup of low interaction honeypots whereas Scriptgen is a …

Archetypal behavior in computer security

SN Rosenfeld, I Rus, M Cukier - Journal of Systems and Software, 2007 - Elsevier
The purpose of this study is to understand observed behavior and to diagnose and find
solutions to issues encountered in organizational computer security using a systemic …

SGNET: Implementation insights

C Leita, M Dacier - NOMS 2008-2008 IEEE Network Operations …, 2008 - ieeexplore.ieee.org
We present in this paper SGNET, a distributed framework to collect information on Internet
attacks, with special attention to self-propagating malware and code injections. This …