Skip to Main Content

IEEE.org| IEEE Xplore Digital Library| IEEE Standards| IEEE Spectrum| More Sites

Cart (Loading....) | Create Account | Sign In

Author Search^beta | Advanced Search | Preferences | | More Search Options

Browse Conference Publications > Information Sciences and Syst ...

The Strength of Syntax Based Approaches to Dynamic Network Intrusion Detection

Full Text Sign-In or Purchase

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Username

Password

Purchase PDF
Other Formats

Formats	Non-Member	Member
PDF	$31	$13

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

Already Purchased? View Article
Subscription Options Learn More

2 Author(s)

Scheirer, W. ; Dept. of Comput. Sci. & Eng., Lehigh Univ., Bethlehem, PA ; Chuah, M.

In this paper, we investigate three syntax based, sliding window schemes for automatic intrusion detection. The first method, the fixed partition sliding window scheme (FPSW), uses a fixed window size and a one-byte sliding window. The second method, referred to as variable-length partition sliding window (VPSW), uses a variable length window with a predetermined breakmark. The third method, referred to as variable-length partition with multiple breakmarks (VPMB), is similar to VPSW except that multiple breakmarks are used. The results indicate that while the FPSW and VPSW methods are effective for detecting worms with mild changes in the worm code contents, VPMB is suitable for detecting fully polymorphic worms.

Published in:
Information Sciences and Systems, 2006 40th Annual Conference on

Date of Conference: 22-24 March 2006

Page(s):: 1473 - 1478
E-ISBN :: 1-4244-0350-2
Print ISBN:: 1-4244-0349-9
INSPEC Accession Number:: 9528537

Conference Location :: Princeton, NJ
Digital Object Identifier :: 10.1109/CISS.2006.286697
Product Type:: Conference Publications

Author(s)

Scheirer, W.
Dept. of Comput. Sci. & Eng., Lehigh Univ., Bethlehem, PA
Chuah, M.

INSPEC: CONTROLLED INDEXING

invasive software

security of data

telecommunication security

INSPEC: NON CONTROLLED INDEXING

FPSW

VPMB

VPSW

dynamic network intrusion detection

fixed partition sliding window scheme

multiple breakmark

polymorphic worm detection

syntax strength

variable-length partition

IEEE TERMS

Binary codes

Computer science

Computer worms

Decoding

Encoding

Face detection

Humans

Intrusion detection

Pattern matching

Telecommunication traffic

Referenced Items are not available for this document.

No versions found for this document.

Standards Dictionary Terms are available to subscribers only.

| Create Account

IEEE Account

Purchase Details

Profile Information

Need Help?

US & Canada: +1 800 678 4333
Worldwide: +1 732 981 0060
Contact & Support

IEEE Advancing Technology for Humanity

About IEEE Xplore | Contact | Help | Terms of Use | Nondiscrimination Policy | Site Map | Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest professional association for the advancement of technology.
© Copyright 2013 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.