Tools
Sorted by:
Try your query at:
 |
 |
 |
 |
 |
 |
Results 1 - 10
of
1,440
Implementing Pushback: Router-Based Defense Against DDoS Attacks
- In Proceedings of Network and Distributed System Security Symposium
, 2002
"... Pushback is a mechanism for defending against distributed denial-of-service (DDoS) attacks. DDoS attacks are treated as a congestion-control problem, but because most such congestion is caused by malicious hosts not obeying traditional end-to-end congestion control, the problem must be handled by th ..."
Abstract
-
Cited by 355 (4 self)
- Add to MetaCart
Pushback is a mechanism for defending against distributed denial-of-service (DDoS) attacks. DDoS attacks are treated as a congestion-control problem, but because most such congestion is caused by malicious hosts not obeying traditional end-to-end congestion control, the problem must be handled
Fast Portscan Detection Using Sequential Hypothesis Testing
- IN PROCEEDINGS OF THE IEEE SYMPOSIUM ON SECURITY AND PRIVACY
, 2004
"... Attackers routinely perform random "portscans" of IP addresses to find vulnerable servers to compromise. Network Intrusion Detection Systems (NIDS) attempt to detect such behavior and flag these portscanners as malicious. An important need in such systems is prompt response: the sooner a N ..."
Abstract
-
Cited by 305 (12 self)
- Add to MetaCart
Attackers routinely perform random "portscans" of IP addresses to find vulnerable servers to compromise. Network Intrusion Detection Systems (NIDS) attempt to detect such behavior and flag these portscanners as malicious. An important need in such systems is prompt response: the sooner a
An Approach to Data-driven Detective Internal Controls for Process-aware Information Systems
"... This paper argues for an approach for the well-founded, scalable detective internal controls to assist controllers in swiftly and reliably identifying violations of control objectives in business process executions. Considering the usual internal control setting, in which controllers have a process ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
This paper argues for an approach for the well-founded, scalable detective internal controls to assist controllers in swiftly and reliably identifying violations of control objectives in business process executions. Considering the usual internal control setting, in which controllers have a process
Low-Rate TCP-Targeted Denial of Service Attacks
- in Proc. of ACM SIGCOMM 2003
, 2003
"... Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP’s congestion control algorithm is highly robust to diverse network conditions, its implicit assumption of end-system cooperation results in a wellknown vulnerability to attack by hi ..."
Abstract
-
Cited by 201 (2 self)
- Add to MetaCart
Denial of Service attacks are presenting an increasing threat to the global inter-networking infrastructure. While TCP’s congestion control algorithm is highly robust to diverse network conditions, its implicit assumption of end-system cooperation results in a wellknown vulnerability to attack
Life-Cycle Support for Staff Assignment Rules in Process-Aware Information Systems?
"... Abstract. Process mining has been proposed as a tool for analyzing business processes based on events logs. Today, most information sys-tems are logging events in some log and thus provide detailed informa-tion about the processes they are supporting. This information can be used for two forms of pr ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
be used for the configuration of Process-Aware Information Systems (PAISs). This paper provides an overview of process mining and focuses on a neglected aspect of PAISs: staff assignment. We propose an approach for staff assignment mining based on decision tree learning, i.e., based on some organizational
Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks
- In the Proc. of the 15th USENIX Security Symp
, 2006
"... Policy-based confinement, employed in SELinux and specification-based intrusion detection systems, is a popular approach for defending against exploitation of vulnerabilities in benign software. Conventional access control policies employed in these approaches are effective in detecting privilege es ..."
Abstract
-
Cited by 202 (10 self)
- Add to MetaCart
Policy-based confinement, employed in SELinux and specification-based intrusion detection systems, is a popular approach for defending against exploitation of vulnerabilities in benign software. Conventional access control policies employed in these approaches are effective in detecting privilege
The Zombie Roundup: Understanding, Detecting, and Disrupting Botnets
, 2005
"... Global Internet threats are undergoing a profound transformation from attacks designed solely to disable infrastructure to those that also target people and organizations. Behind these new attacks is a large pool of compromised hosts sitting in homes, schools, businesses, and governments around the ..."
Abstract
-
Cited by 204 (7 self)
- Add to MetaCart
and show a more comprehensive approach is required. We conclude by describing a system to detect botnets that utilize advanced command and control systems by correlating secondary detection data from multiple sources. 1
Automated Detection of Persistent Kernel Control-Flow Attacks
, 2007
"... This paper presents a new approach to dynamically monitoring operating system kernel integrity, based on a property called state-based control-flow integrity (SBCFI). Violations of SBCFI signal a persistent, unexpected modification of the kernel’s control-flow graph. We performed a thorough analysis ..."
Abstract
-
Cited by 120 (4 self)
- Add to MetaCart
This paper presents a new approach to dynamically monitoring operating system kernel integrity, based on a property called state-based control-flow integrity (SBCFI). Violations of SBCFI signal a persistent, unexpected modification of the kernel’s control-flow graph. We performed a thorough
BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection
"... Botnets are now the key platform for many Internet attacks, such as spam, distributed denial-of-service (DDoS), identity theft, and phishing. Most of the current botnet detection approaches work only on specific botnet command and control (C&C) protocols (e.g., IRC) and structures (e.g., central ..."
Abstract
-
Cited by 200 (14 self)
- Add to MetaCart
Botnets are now the key platform for many Internet attacks, such as spam, distributed denial-of-service (DDoS), identity theft, and phishing. Most of the current botnet detection approaches work only on specific botnet command and control (C&C) protocols (e.g., IRC) and structures (e
Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code
- In WWW 2010
, 2010
"... JavaScript is a browser scripting language that allows developers to create sophisticated client-side interfaces for web applications. However, JavaScript code is also used to carry out attacks against the user’s browser and its extensions. These attacks usually result in the download of additional ..."
Abstract
-
Cited by 131 (20 self)
- Add to MetaCart
malware that takes complete control of the victim’s platform, and are, therefore, called “drive-by downloads. ” Unfortunately, the dynamic nature of the JavaScript language and its tight integration with the browser make it difficult to detect and block malicious JavaScript code. This paper presents a
Results 1 - 10
of
1,440
