Browsing CS Technical Reports by Author "Giffin, Jonathon"
Now showing items 1-2 of 2
-
Internet Sieve: An Architecture for Generating Resilient Signatures
Yegneswaran, Vinod; Giffin, Jonathon; Barford, Paul; Jha, Somesh (University of Wisconsin-Madison Department of Computer Sciences, 2004)We present iSieve, a modular architecture for identifying intrusion profiles in packet trace data and automatically constructing resilient signatures for the profiles. The first component of the architecture organizes and ... -
On Effective Model-Based Intrusion Detection
Giffin, Jonathon; Jha, Somesh; Miller, Barton P. (University of Wisconsin-Madison Department of Computer Sciences, 2005)Model-based intrusion detectors restrict program execution to a previously computed model of expected behavior. We consider two classes of attacks against these systems: bypass attacks that evade detection by avoiding the ...