Yegneswaran et al., 2005 - Google Patents
An Architecture for Generating Semantic Aware Signatures.Yegneswaran et al., 2005
View HTML- Document ID
- 6275164405545840419
- Author
- Yegneswaran V
- Giffin J
- Barford P
- Jha S
- Publication year
- Publication venue
- USENIX security symposium
External Links
Snippet
Identifying new intrusions and developing effective signatures that detect them is essential for protecting computer networks. We present Nemean, a system for automatic generation of intrusion signatures from honeynet packet traces. Our architecture is distinguished by its …
- 238000001514 detection method 0 abstract description 41
Classifications
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B29/00—Checking or monitoring of signalling or alarm systems; Prevention or correction of operating errors, e.g. preventing unauthorised operation
- G08B29/18—Prevention or correction of operating errors
- G08B29/183—Single detectors using dual technologies
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B29/00—Checking or monitoring of signalling or alarm systems; Prevention or correction of operating errors, e.g. preventing unauthorised operation
- G08B29/02—Monitoring continuously signalling or alarm systems
- G08B29/04—Monitoring of the detection circuits
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B25/00—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems
- G08B25/01—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems characterised by the transmission medium
- G08B25/10—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems characterised by the transmission medium using wireless transmission systems
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B29/00—Checking or monitoring of signalling or alarm systems; Prevention or correction of operating errors, e.g. preventing unauthorised operation
- G08B29/18—Prevention or correction of operating errors
- G08B29/185—Signal analysis techniques for reducing or preventing false alarms or for enhancing the reliability of the system
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B25/00—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems
- G08B25/009—Signalling of the alarm condition to a substation whose identity is signalled to a central station, e.g. relaying alarm signals in order to extend communication range
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B13/00—Burglar, theft or intruder alarms
- G08B13/18—Actuation by interference with heat, light or radiation of shorter wavelength; Actuation by intruding sources of heat, light or radiation of shorter wavelength
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B13/00—Burglar, theft or intruder alarms
- G08B13/16—Actuation by interference with mechanical vibrations in air or other fluid
- G08B13/1609—Actuation by interference with mechanical vibrations in air or other fluid using active vibration detection systems
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B25/00—Alarm systems in which the location of the alarm condition is signalled to a central station, e.g. fire or police telegraphic systems
- G08B25/14—Central alarm receiver or annunciator arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B17/00—Fire alarms; Alarms responsive to explosion
- G08B17/10—Actuation by presence of smoke or gases automatic alarm devices for analysing flowing fluid materials by the use of optical means
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G08—SIGNALLING
- G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
- G08B7/00—Signalling systems according to more than one of groups G08B3/00-G08B6/00; Personal calling systems according to more than one of groups G08B3/00-G08B6/00
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Yegneswaran et al. | An Architecture for Generating Semantic Aware Signatures. | |
| Ur Rehman et al. | DIDDOS: An approach for detection and identification of Distributed Denial of Service (DDoS) cyberattacks using Gated Recurrent Units (GRU) | |
| Davis et al. | Data preprocessing for anomaly based network intrusion detection: A review | |
| US9800608B2 (en) | Processing data flows with a data flow processor | |
| US8135657B2 (en) | Systems and methods for processing data flows | |
| US20160366160A1 (en) | Systems and Methods for Processing Data Flows | |
| US20110238855A1 (en) | Processing data flows with a data flow processor | |
| US20110231564A1 (en) | Processing data flows with a data flow processor | |
| US20110213869A1 (en) | Processing data flows with a data flow processor | |
| US20110219035A1 (en) | Database security via data flow processing | |
| US20070192863A1 (en) | Systems and methods for processing data flows | |
| US20110214157A1 (en) | Securing a network with data flow processing | |
| Stevanovic et al. | Machine learning for identifying botnet network traffic | |
| EP2442525A1 (en) | Systems and methods for processing data flows | |
| Leita et al. | The leurre. com project: collecting internet threats information using a worldwide distributed honeynet | |
| Li et al. | A method based on statistical characteristics for detection malware requests in network traffic | |
| Abdulla et al. | Employing machine learning algorithms to detect unknown scanning and email worms. | |
| Siddiqui et al. | Survey on unified threat management (UTM) systems for home networks | |
| Davis | Machine learning and feature engineering for computer network security | |
| Zhu et al. | Using failure information analysis to detect enterprise zombies | |
| Zekrifa | Hybrid Intrusion Detection System | |
| Yegneswaran et al. | Internet Sieve: An Architecture for Generating Resilient Signatures | |
| Blackwell | Ramit-Rule-Based Alert Management Information Tool | |
| Ramaki et al. | Towards event aggregation for reducing the volume of logged events during IKC stages of APT attacks | |
| Deng et al. | Malware behavior through network trace analysis |