Recent Advances in Intrusion Detection

6th International Symposium, RAID 2003, Pittsburgh, PA, USA, September 8-10, 2003, Proceedings

Giovanni Vigna, Erland Jonsson, Christopher Kruegel (Herausgeber)

Buch | Softcover

X, 242 Seiten

2003 | 2003
Springer Berlin (Verlag)
978-3-540-40878-9 (ISBN)

Artikel merken

On behalf of the Program Committee, it is our pleasure to present to you the proceedings of the Sixth Symposium on Recent Advances in Intrusion Detection (RAID 2003). Theprogramcommitteereceived44fullpapersubmissionsfrom10countries. All submissions were carefully reviewed by at least three program committee members or additional intrusion detection experts according to the criteria of scienti?c novelty, importance to the ?eld, and technical quality. The program committee meeting was held in Berkeley, USA on May 14 15. Thirteen papers were selected for presentation and publication in the conference proceedings. The conference technical program included both fundamental research and practical issues, and was shaped around the following topics: network infr- tructure, anomaly detection, correlation, modeling and speci?cation, and sensor technologies. The slides presented by the authors are available on the RAID 2003 web site, We would like to thank the authors that submitted papers as well as the p- gram committee members and the additional reviewers who volunteered their time to create a quality program. In addition, we want to thank the Conf- ence General Chair, John McHugh, for organizing the conference in Pittsburgh, Joshua Haines for publicizing the conference, Don McGillen for ?nding support from our sponsors, and Christopher Kruegel for maintaining the RAID web site and preparing the conference proceedings. Special thanks go to our sponsors Cisco Systems and Symantec, who p- vided ?nancial support for student participation to the symposium, and to CERT/CMU for hosting the conference.

Network Infrastructure.- Mitigating Distributed Denial of Service Attacks Using a Proportional-Integral-Derivative Controller.- Topology-Based Detection of Anomalous BGP Messages.- Anomaly Detection I.- Detecting Anomalous Network Traffic with Self-organizing Maps.- An Approach for Detecting Self-propagating Email Using Anomaly Detection.- Correlation.- Statistical Causality Analysis of INFOSEC Alert Data.- Correlation of Intrusion Symptoms: An Application of Chronicles.- Modeling and Specification.- Modeling Computer Attacks: An Ontology for Intrusion Detection.- Using Specification-Based Intrusion Detection for Automated Response.- IDS Sensors.- Characterizing the Performance of Network Intrusion Detection Sensors.- Using Decision Trees to Improve Signature-Based Intrusion Detection.- Ambiguity Resolution via Passive OS Fingerprinting.- Anomaly Detection II.- Two Sophisticated Techniques to Improve HMM-Based Intrusion Detection Systems.- An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection.

Erscheint lt. Verlag	2.9.2003
Reihe/Serie	Lecture Notes in Computer Science
Zusatzinfo	X, 242 p.
Verlagsort	Berlin
Sprache	englisch
Maße	155 x 235 mm
Gewicht	790 g
Themenwelt	Informatik ► Software Entwicklung ► User Interfaces (HCI)
Themenwelt	Mathematik / Informatik ► Mathematik ► Finanz- / Wirtschaftsmathematik
Schlagworte	Access Control • anomality detection • Audit Control • authentication • Cryptographic Attacks • denial of service • Distributed denial of service • Intrusion Detection • log-data analysis • network intrusion • Network Security • Pattern Analysis • Performance • privacy • RAID • Secure Communications • security
ISBN-10	3-540-40878-9 / 3540408789
ISBN-13	978-3-540-40878-9 / 9783540408789
Zustand	Neuware