Title | Date Added | Company
whitepaper Attribution and Aggregation of Network Flows for Security Analysis | 2008-01-01 | Dartmouth College
  This paper describes a network flow analyzer that is capable of attribution and aggregation of different flows into single activity events for the purposes of identifying suspicious and illegitimate behaviors. Flows are correlated with security events using the Process Query System (PQS) infrastructure. This paper shows results from initial experiments and describes plans for extending the effort. The correlation of network flows with security events appears to have high potential for aggregating disparate network and host activity and for classifying network activity as either benign or suspicious.

Tags: Security Management, Security Tools
  
whitepaper MINDS - Minnesota Intrusion Detection System | 2008-01-01 | University of Minnesota
  This paper introduces the Minnesota Intrusion Detection System (MINDS), which uses a suite of data mining techniques to automatically detect attacks against computer networks and systems. While the long-term objective of MINDS is to address all aspects of intrusion detection, this paper focuses on two specific contributions: an unsupervised anomaly detection technique that assigns a score to each network connection that reflects how anomalous the connection is, and an association pattern analysis based module that summarizes those network connections that are ranked highly anomalous by the anomaly detection module.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper A Cooperative Intrusion Detection System for Ad Hoc Networks | 2008-01-01 | Georgia Institute of Technology
  Mobile Ad hoc NETworking (MANET) has become an exciting and important technology in recent years because of the rapid proliferation of wireless devices. MANETs are highly vulnerable to attacks due to the open medium, dynamically changing network topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense. This paper reports the progress in developing Intrusion Detection (ID) capabilities for MANET. Building on the prior work on anomaly detection, the paper investigates how to improve the anomaly detection approach to provide more details on attack types and sources. For several well-known attacks, one can apply a simple rule to identify the attack type when an anomaly is reported. In some cases, these rules can also help identify the attackers.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Subtle Issues in the Design of a Database Tier Firewall | 2008-01-01 | Indian Institute of Technology Bombay
  Applications such as centralized Supply Chain Management permit multiple business partners to host their own customized components at the same site with selective access to a common shared database. If the application software providers are not all trusting of each other, a Database Tier Firewall is necessary. This model assumes that the vocabulary of relational names from the perspective of application developers and users is limited to an abstract schema. Users have views but the view names are unknown to them. Indeed the user may not be aware of the view definitions which change dynamically and reflect access constraints defined and updated by the owner of the data.

Tags: Network Security, Security Tools
  
whitepaper Design and Implementation of Personal Firewalls for Handheld Devices | 2008-01-01 | University of Wollongong
  Personal Digital Assistants (PDAs) have become one of the important tools in daily life. Their popularity is due to their small size and mobility, which enable them to be carried anywhere. Along with their popularity, handheld devices are starting to become a target for attackers, who are mainly interested in gaining the data stored in handheld devices. Therefore, security of handheld devices has attracted a lot of attention in an effort to protect the sensitive information stored in handheld devices. Securing handheld devices is a daunting task. It requires a careful design since the devices have very limited computational power and battery life. This paper aims to review the security threats to handheld computers and propose several possible solutions.

Tags: Network Security, Security Tools
  
whitepaper Path-Coupled Signaling for NAT/Firewall Traversal | 2008-01-01 | NEC Europe
  Complex protocols tend to negotiate secondary flows on the application layer. This, in the general case, prevents Firewalls and NATs from allowing or routing them, and communication becomes impossible. This paper describes the requirements and design of an end-application triggered, path-coupled signaling protocol for NAT/Firewall traversal. Finally, the paper shows and discusses a performance evaluation, based on the implementation of the protocol.

Tags: Network Security, Security Tools
  
whitepaper A High-Performance Network Intrusion Detection System | 2008-01-01 | Iowa State University
  This paper presents a new approach for network intrusion detection based on concise specifications that characterize normal and abnormal network packet sequences. The specification language is geared for robust network intrusion detection by enforcing a strict type discipline via a combination of static and dynamic type checking. Unlike most previous approaches in network intrusion detection, the authors' approach can easily support new network protocols, as information relating to the protocols is not hard-coded into the system. Instead, suitable type definitions are added in the specifications, and intrusion patterns are defined on these types. These specifications are compiled into a high-performance network intrusion detection system.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Using JXTA for Firewall Traversal in Distributed CORBA Applications | 2008-01-01 | University of Sao Paulo
  JacORB is a free Java ORB that is ETF-compliant, that is, it supports the substitution of its transport layer in a standard way. JXTA is a peer-to-peer protocol stack, also implemented as free software, which can traverse firewalls and NAT gateways. This paper describes an extended version of JacORB that runs GIOP over JXTA. Binding CORBA and JXTA technologies together allows components of distributed CORBA applications to be deployed in complex network environments, which may contain firewalls or IP address translators.

Tags: Network Security, Security Tools
  
whitepaper A Target-Centric Ontology for Intrusion Detection | 2008-01-01 | University of Maryland
  This paper has produced an ontology specifying a model of computer attacks. The ontology is based upon an analysis of over 4,000 classes of computer intrusions and their corresponding attack strategies and is categorized according to: system component targeted, means of attack, consequence of attack and location of attacker. The author argues that any taxonomic characteristics used to define a computer attack should be limited in scope to those features that are observable and measurable at the target of the attack. The paper presents the model as a target-centric ontology that is to be refined and expanded over time. The benefits of forgoing dependence upon taxonomies, in favor of ontologies, for the classification of computer attacks and intrusions are stated.

Tags: Security Tools, Intrusion Detection Systems
  
whitepaper Towards a High-Speed Router-Based Anomaly/Intrusion Detection System | 2008-01-01 | Northwestern University
  Traffic anomalies and attacks are commonplace in today's networks, and identifying them rapidly and accurately is critical for large networks. With the rapid growth of network bandwidth and fast emergence of new attacks/worms, existing network Intrusion Detection Systems (IDS) are insufficient for the following two reasons. First, they are mostly host-based or located on low-end routers, and not scalable to high-speed networks. However, it is crucial to identify fast propagation of worms in their early phases, which can only possibly be achieved by detection at high speed edge/backbone routers instead of at end hosts. Unfortunately, the existing schemes are not scalable to the link speeds and number of flows for high-speed networks.

Tags: Security Tools, Intrusion Detection Systems