User: Guest  Login
Title:

Exploiting Independent State For Network Intrusion Detection

Document type:
Technical Report
Author(s):
Robin Sommer; Vern Paxson
Abstract:
Network intrusion detection systems (NIDSs) rely on managing a significant amount of state. Often much of this state resides solely in the volatile processor memory accessible to a single user-level process on a single machine. In this work we develop an architecture that facilitates independent state, i.e., internal fine-grained state that can be propagated from one instance of a NIDS to others running either concurrently or subsequently. Our unified architecture provides us with a wealth of po...     »
Keywords:
Bro; Network Intrusion Detection; Security; State Management
Year:
2004
Year / month:
2004-11-01 00:00:00
Pages:
26
 BibTeX