Surveillance or dead lock?
News On a switched network, you need to greatly increase the number of intrusion detection sensors to monitor traffic on all the network segments. Intrusion detection systems (IDSs) are surveillance products.
[August 20, 2002, 20:19]
Multidimensional Network Monitoring for Intrusion Detection
White Papers The network traffic description is synthesized by applying methods of theoretical physics and complex systems theory, to provide a robust approach for network monitoring that detects known intrusions, and supports developing real systems for...
[March 4, 2008, 0:02]
Target-Based TCP Stream Reassembly
White Papers The authors revealed that intrusion detection systems cannot be effective and accurate because they do not necessarily process, or perhaps, even observe network traffic exactly as the destination host that receives the message does.
[December 27, 2007, 0:01]
Report: US air-traffic control systems hacked
News Meanwhile, intrusion-detection systems (IDS) are deployed at only 11 of hundreds of air-traffic control facilities and none of the IDS sensors is installed to monitor operational systems at those sites, the report said.
[May 8, 2009, 8:53]
Preventing hack attacks: The must-reads
News This includes establishing monitoring (log review, intrusion-detection software) and performing an external security audit. John Verry, a consultant for the security firm CQUR IT, which specialises in security assessment, protection, detection, and...
[January 22, 2004, 9:55]
The Critical Importance of Three-Dimensional Protection (3DP) in an Intrusion Prevention System
White Papers Many companies also employ network intrusion detection systems (IDS), which inspect the network traffic and report their findings to log files and databases. An increasing number of organizations, therefore, are using network intrusion prevention...
[May 31, 2008, 1:01]
An Efficient and Intelligent Intrusion Detection and Response System Using Virtual Private Networks, Firewalls and Packet Filters
White Papers There are major challenges for current Intrusion Detection Systems (IDS) which attempt to identify suspicious network traffic. This involves using an efficient and intelligent intrusion detection and response system using Virtual Private Networks...
[June 19, 2008, 1:01]
TippingPoint Intrusion Prevention Systems Data Sheet
White Papers Intrusion Detection Systems, by definition, only detect and do not block unwanted traffic. The TippingPoint IPS operates in-line in the network, blocking malicious and unwanted traffic, while allowing good traffic to pass unimpeded.
[July 26, 2007, 2:37]
An Adaptive Sampling Algorithm With Applications to Denial-of-Service Attack Detection
White Papers There is an emerging need for the traffic processing capability of network security mechanisms, such as Intrusion Detection Systems (IDS), to match the high throughput of today's high-bandwidth networks.
[June 20, 2009, 1:21]
A Firewall for Routers: Protecting Against Routing Misbehavior
White Papers Analogous to traffic normalization for network intrusion detection systems, the proposed RouteNormalizer patches ambiguities and eliminates semantically incorrect routing updates to protect against routing protocol attacks.
[April 26, 2008, 1:02]
Network Intrusion Detection Using Random Forests
White Papers Network Intrusion Detection Systems (NIDSs) have become an important component in network security infrastructure. Since data mining techniques can build intrusion detection models adaptively, data mining-based NIDSs have significant advantages...
[June 18, 2008, 1:01]
Honeycomb - Creating Intrusion Detection Signatures Using Honeypots
White Papers This paper describes a system for automated generation of attack signatures for network intrusion detection systems. The system applies pattern-matching techniques and protocol conformance checks on multiple levels in the protocol hierarchy to...
[May 21, 2008, 1:01]
Detecting Denial-of-Service Attacks With Incomplete Audit Data
White Papers Factors like noise in the audit data, mobility of the nodes and the large amount of network data generated by the network make it difficult to build a normal traffic profile of the network for the purpose of anomaly detection.
[June 24, 2009, 16:02]
Detecting Abnormal Network Activities With Netflow
White Papers Some organizations also use Intrusion Detection Systems (IDS) on border routers to analyze incoming traffic for patterns that indicate specific problems. But a firewall or intrusion detection system is used primarily on borders with the Internet...
[October 5, 2006, 1:00]
IDGraphs: Intrusion Detection and Analysis Using Histographs
White Papers For a statistical Intrusion Detection System (IDS), it is crucial to detect at the flow-level for accurate detection and mitigation. IDGraphs is an interactive visualization system for intrusion detection that addresses these challenges.
[June 12, 2008, 1:01]
PCI DSS and Wireless
White Papers It also says to use network intrusion detection systems and/or intrusion prevention systems to monitor all traffic in the cardholder data environment and alert personnel to suspected compromises. Since 2004, the PCI DSS standard has guided...
[June 20, 2009, 1:21]
Design and Implementation of a High-Performance Network Intrusion Prevention System
White Papers The network processor acts as a customized load balancing splitter that cooperates with a set of modified content-based network intrusion detection sensors in processing network traffic. Network intrusion prevention systems provide proactive...
[January 9, 2008, 0:01]
A Parallel Architecture for Stateful Intrusion Detection in High Traffic Networks
White Papers These issues are critical especially for Network Intrusion Detection Systems (NIDS) that need to trace and reassemble every connection, and to examine every packet flowing on the monitored link(s), to guarantee high security levels.
[May 21, 2008, 1:01]
PARNIDS: A Scalable Network Intrusion Detection Loadbalancer
White Papers Network Intrusion Detection Systems (NIDS) are becoming an increasingly important security measure. The PARNIDS parallel NIDS architecture overcomes this limitation by distributing network traffic load over an array of sensor nodes.
[June 18, 2008, 1:01]
SIFT: Snort Intrusion Filter for TCP
White Papers Intrusion rule processing in reconfigurable hardware enables intrusion detection and prevention services to run at multi Gigabit/second rates. High-level intrusion rules mapped directly into hardware separate malicious content from benign content...
[October 31, 2007, 0:00]



