| Publisher | University of Twente | ||
|---|---|---|---|
| Format | 270.1KB PDF | Date added | 19 Sep 2007 |
| Topics | Network Security, Security Tools, Intrusion Detection Systems | ||
| Downloads | 4 | ||
This paper presents an architecture1 designed for alert verification (i.e., to reduce false positives) in network intrusion-detection systems. The technique in this paper is based on a systematic (and automatic) anomaly-based analysis of the system output, which provides useful context information regarding the network services. The false positives raised by the NIDS analyzing the incoming traffic (which can be either signature- or anomaly-based) are reduced by correlating them with the output anomalies. An architecture for TCP-based network services was designed which has a client/server architecture (such as HTTP).
Did you find this white paper useful?
14 out of 24 users found this white paper useful
Related white papers
MessageLabs Intelligence : 2009 security Predictions
Having analyzed the global threat landscape for almost a decade, MessageLabs Team Skeptic™ is comprised of many world-renowned malware and spam experts who have a global view of threats across...
IDC Vendor Spotlight
Organised ubiquity is a must for organisations to sucessfully "project" their users in any given landspace, at any given time, with secuirty policy. This White Paper covers issues surrounding secure...
Trend Micro Enterprise Security white paper
This white paper reviews the content security threat landscape and how it has evolved into a more dangerous and high risk environment. The paper discussed how conventional content security approaches...
Smart Protection E-Book
"Outthink the Threat: Why conventional protection is no match for new data-stealing malware & the Trend Micro Smart Protection Network is." Discover how cyber criminals are rendering traditional security solutions...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Trend Micro Web Threats WP
Web threats pose a broad range of risks, including financial damages, identity theft, loss of confidential business information, theft of network resources, damaged brand or personal reputation, and erosion of...
Resource Guide: Workstation Productivity
Desktop computers have come a long way in terms of value and performance for the average user but many of today's more demanding applications require more advanced workstations with even...
