Results 1 - 10 of 103
DETECTING MALICIOUS USE WITH UNLABELLED DATA USING CLUSTERING AND OUTLIER ANALYSIS
"... Abstract: Most commercial intrusion detection systems (IDSs) presently available are signature-based network IDSs. Organisations using these IDSs are still experiencing difficulties in detecting intrusive activity on their networks since novel new attacks are consistently being encountered, and anal ..."
, and analysts can miss legitimate alarms when reviewing large alarm logs that contain a high number of false positives. There has been research investigating the use of data mining techniques to effectively detect malicious activity in an enterprise network. The results of many of these projects have
Oorschot. DNS-based detection of scanning worms in an enterprise network
- In Network and Distributed Systems Symposium (NDSS), 2005
"... Worms are arguably the most serious security threat facing the Internet. Motivated to develop a detection technique that is both efficient and accurate enough to enable automatic containment of worm propagation at the network egress points, we propose a new technique for the rapid detection of worm ..."
Cited by 44 (9 self)
propagation from an enterprise network. Implemented in software, it relies on the correlation of Domain Name System (DNS) queries with outgoing connections from an enterprise network. Significant improvement over existing scanning worm detection techniques includes: (1) the possibility to detect worm
Visualizing network data for intrusion detection
- IN PROCEEDINGS OF THE 2005 IEEE WORKSHOP ON INFORMATION ASSURANCE AND SECURITY. UNITED STATES MILITARY ACADEMY, 2005
"... As the trend of successful network attacks continue to rise, better forms of intrusion detection and prevention are needed. This paper addresses network traffic visualization techniques that aid an administrator in recognizing attacks in real time. Our approach improves upon current techniques that ..."
Cited by 18 (1 self)
Detection and Prevention of Botnets and malware in an enterprise network
"... Abstract: One of the most significant threats faced by enterprise networks today is from Bots. A Bot is a program that operates as an agent for a user and runs automated tasks over the internet, at a much higher rate than would be possible for a human alone. A collection of Bots in a network, used f ..."
Cited by 1 (1 self)
Network Intrusion Visualization with NIVA, an Intrusion Detection Visual ANALYZER with Haptic Integration
- Proceedings of the 10th Symposium on Haptic Interfaces for Virtual Environment and Teleoperator Systems, 2002. (HAPTICS), 2002
"... The explosive growth of malicious activities on worldwide communication networks, such as the Internet, has highlighted the need for efficient intrusion detection systems. The efficiency of traditional intrusion detection systems is limited by their inability to effectively relay relevant informatio ..."
Cited by 25 (0 self)
information due to their lack of interactive/immersive technologies. In this paper, we explore several network visualization techniques geared towards intrusion detection on small and large-scale networks. We also examine the use of haptics in network intrusion visualization. By incorporating concepts from
The Use of Honeypots to Detect Exploited Systems across Large Enterprise Networks
, 2003
"... Computer Networks connected to the Internet continue to be compromised and exploited by hackers. This is in spite of the fact that many networks run some type of security mechanism at their connection to the Internet. Large Enterprise Networks, such as the network for a major university, are very in ..."
Cited by 2 (0 self)
for Academic Freedom, system administrators are restricted in what requirements they can place on users on these networks. The high bandwidth usages on these networks make it very difficult to identify malicious traffic within the enterprise network. We propose that a Honeynet can be used to assist the system
Visualization for Cybersecurity IDGraphs: Intrusion Detection and Analysis Using
"... Traffic anomalies and attacks are commonplace in today’s networks. Researchers estimate that malicious code caused more than $28 billion in economic losses in 2003, and will grow to more than $75 billion by 2007 (see ..."
Endpoint-driven Intrusion Detection and Containment of Fast Spreading Worms in Enterprise Networks
"... Abstract—Fast spreading network worms have become one of the most service-impacting threats in enterprise and ISP networks. We identify core requirements for effective detection and containment of such worms and propose a technique that uses a combination of distributed anomaly-based host intrusion ..."
Cited by 2 (1 self)
Feedback Email Worm Defense System for Enterprise Networks
"... As email becomes one of the most convenient and indispensable communication mediums in our life, it is very important to protect email users from increasing email worm attacks. In this paper, we present the architecture and system design of a “feedback email worm defense system” to protect email us ..."
Cited by 5 (1 self)
users in enterprise networks. The defense system is flexible and able to integrate many existing detection techniques to provide effective and efficient email worm defense. First, in response to a “detection score” of a detected worm email and information on the possible appearance of a malicious email
Real-time and forensic network data analysis using animated and coordinated visualization
- IN PROCEEDINGS OF THE 6TH IEEE INFORMATION ASSURANCE WORKSHOP, 2005
"... Rapidly detecting and classifying malicious activity contained within network traffic is a challenging problem exacerbated by large datasets and functionally limited manual analysis tools. Even on a small network, manual analysis of network traffic is inefficient and extremely time consuming. Curre ..."
Cited by 20 (0 self)