Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, ... Caballero, J., Venkataraman, S., Poosankam, P., Kang, M.G., Song, D., Blum, A.: FiG: Automatic Fingerprint Generation.
Lee, W., Stolfo, S., Mok, K.: A data mining framework for building intrusion detection models. In: Proceedings of the IEEE Symposium on ... Wagner, D., Dean, D.: Intrusion detection via static analysis. In: Proceedings of the IEEE ...
Backtracker [19] reconstructs the sequence of steps that occurred in an intrusion by using intrusion alerts to initiate construction of event dependency graphs. In a similar way, Pyrénée uses NIDS alerts to initiate discovery ...
... shadow call stack must be maintained in a protected memory, so that the attacker cannot modify it. In our case, the shadow call stack is maintained on the host side, in userland, which is assumed to be trusted. The shadow stack is ...
... FUTo deletes the hidden process from the other three kernel structures: kernel handle table list, handle table of the ... the FUTo source. It seems that the definition of EPROCESS structure has changed over the Windows versions and the ...
... detection, and detail the design, implementation and performance of a system for dynamically monitoring the behavioral distance of diverse replicas. We detail our measure of behavioral distance and our method for divining the correlated ...