End-to-end congestion control algorithms in TCP are designed for a highly co-operative environment with the assumption that the end hosts voluntarily participate in it and obey th...
Active operating system fingerprinting is the process of actively determining a target network system’s underlying operating system type and characteristics by probing the targ...
Fedor V. Yarochkin, Ofir Arkin, Meder Kydyraliev, ...
We approached this line of inquiry by questioning the conventional wisdom that audit logs are too large to be analyzed and must be reduced and filtered before the data can be anal...
Signature matching, which includes packet classification and content matching, is the most expensive operation of a signature-based network intrusion detection system (NIDS). In t...
Our previous research illustrated the design of fuzzy logic based online risk assessment for Distributed Intrusion Prediction and Prevention Systems (DIPPS) [3]. Based on the DIPP...