An overview of IP flow-based intrusion detection

A Sperotto, G Schaffrath, R Sadre… - … surveys & tutorials, 2010 - ieeexplore.ieee.org
Intrusion detection is an important area of research. Traditionally, the approach taken to find
attacks is to inspect the contents of every packet. However, packet inspection cannot easily …

Identifying propagation sources in networks: State-of-the-art and comparative studies

J Jiang, S Wen, S Yu, Y Xiang… - … Surveys & Tutorials, 2016 - ieeexplore.ieee.org
It has long been a significant but difficult problem to identify propagation sources based on
limited knowledge of network structures and the varying states of network nodes. In practice …

Adversarial machine learning-industry perspectives

RSS Kumar, M Nyström, J Lambert… - 2020 IEEE security …, 2020 - ieeexplore.ieee.org
Based on interviews with 28 organizations, we found that industry practitioners are not
equipped with tactical and strategic tools to protect, detect and respond to attacks on their …

Kernel pooling for convolutional neural networks

Y Cui, F Zhou, J Wang, X Liu, Y Lin… - Proceedings of the …, 2017 - openaccess.thecvf.com
Convolutional Neural Networks (CNNs) with Bilinear Pooling, initially in their full
form and later using compact representations, have yielded impressive performance gains …

Countering code-injection attacks with instruction-set randomization

GS Kc, AD Keromytis, V Prevelakis - … of the 10th ACM conference on …, 2003 - dl.acm.org
We describe a new, general approach for safeguarding systems against any type of code-
injection attack. We apply Kerckhoff's principle, by creating process-specific randomized …

Method and system for detecting malicious and/or botnet-related domain names

R Perdisci, W Lee - US Patent 10,027,688, 2018 - Google Patents
A method and system of detecting a malicious and/or botnet-related domain name,
comprising: reviewing a domain name used in Domain Name System (DNS) traffic in a …

Method and system for detecting and responding to attacking networks

D Dagon, N Feamster, W Lee, R Edmonds… - US Patent …, 2013 - Google Patents
A system and method for detecting a first network of compromised computers in a second
network of computers, comprising: collecting Domain Name System (DNS) data for the …

Model-based evaluation: from dependability to security

DM Nicol, WH Sanders… - IEEE Transactions on …, 2004 - ieeexplore.ieee.org
The development of techniques for quantitative, model-based evaluation of computer system
dependability has a long and rich history. A wide array of model-based evaluation …

Analysis of high volumes of network traffic for advanced persistent threat detection

M Marchetti, F Pierazzi, M Colajanni, A Guido - Computer Networks, 2016 - Elsevier
Advanced Persistent Threats (APTs) are the most critical menaces to modern
organizations and the most challenging attacks to detect. They span over long periods of …

CFIMon: Detecting violation of control flow integrity using performance counters

Y Xia, Y Liu, H Chen, B Zang - IEEE/IFIP International …, 2012 - ieeexplore.ieee.org
Many classic and emerging security attacks usually introduce illegal control flow to victim
programs. This paper proposes an approach to detecting violation of control flow integrity …