First IEEE International Workshop on Information Assurance, 2003. IWIAS 2003. Proceedings.

24-24 March 2003

Filter Results

Displaying Results 1 - 12 of 12
  • Proceedings First IEEE International Workshop on Information Assurance. IWIA 2003

    Publication Year: 2003
    Request permission for reuse | PDF file iconPDF (205 KB)
    Freely Available from IEEE
  • Stochastic protocol modeling for anomaly based network intrusion detection

    Publication Year: 2003, Page(s):3 - 12
    Cited by:  Papers (21)  |  Patents (4)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (432 KB) | HTML iconHTML

    A new method for detecting anomalies in the usage of protocols in computer networks is presented. The proposed methodology is applied to TCP and disposed in two steps. First, a quantization of the TCP header space is accomplished, so that a unique symbol is associated with each TCP segment. TCP-based network traffic is thus captured, quantized and represented by a sequence of symbols. The second s... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Designing a framework for active worm detection on global networks

    Publication Year: 2003, Page(s):13 - 23
    Cited by:  Papers (27)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (313 KB) | HTML iconHTML

    Past active Internet worms have caused widespread damage. Knowing the connection characteristics of such a worm very early in its proliferation cycle might provide first responders with an opportunity to intercept a global scale epidemic. We are presenting a scalable framework for detecting, in near-real-time, active Internet worms on global networks, both public and private. By aggregating networ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A tamper-resistant framework for unambiguous detection of attacks in user space using process monitors

    Publication Year: 2003, Page(s):25 - 34
    Cited by:  Papers (7)  |  Patents (5)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (336 KB) | HTML iconHTML

    Replication and redundancy techniques rely on the assumption that a majority of components are always safe and voting is used to resolve any ambiguities. This assumption may be unreasonable in the context of attacks and intrusions. An intruder could compromise any number of the available copies of a service resulting in a false sense of security. The kernel based approaches have proven to be quite... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Computational complexity of the network routing logical security assessment process

    Publication Year: 2003, Page(s):37 - 47
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (284 KB) | HTML iconHTML

    We present how to assess the network routing logical security policy of an Internet Service Provider network, through a reverse-engineering process performed on the network router configurations. The paper covers the definition of a network routing logical security policy and how to implement it in the network router configurations. In addition, it details the algorithms and their asymptotic time ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • IT design criteria for damage reduction

    Publication Year: 2003, Page(s):49 - 59
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (401 KB) | HTML iconHTML

    In order to obtain security from the perspective of a social system, not only the damage probability but also the maximum possible damage must be reduced. Analysing social risk assessment shows us that the latter issue needs more attention. Moreover, autonomous decisions about risk as well as experience gathering are relevant factors of social risk assessment. IT systems therefore need to include ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Intrusion detection testing and benchmarking methodologies

    Publication Year: 2003, Page(s):63 - 72
    Cited by:  Papers (22)  |  Patents (3)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (291 KB) | HTML iconHTML

    The ad-hoc methodology that is prevalent in today's testing and evaluation of network intrusion detection algorithms and systems makes it difficult to compare different algorithms and approaches. After conducting a survey of the literature on the methods and techniques being used, it can be seen that a new approach that incorporates an open source testing methodology and environment would benefit ... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Intrusion Detection Force: an infrastructure for Internet-scale intrusion detection

    Publication Year: 2003, Page(s):73 - 86
    Cited by:  Papers (9)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (374 KB) | HTML iconHTML

    Intrusion detection systems (IDSs) are usually deployed within the confines of an organization. There is usually no exchange of information between an IDS in one organization with those in other organizations. The effectiveness of IDSs at detecting present-day sophisticated attacks would increase significantly if there are inter-organizational communication and sharing of information among IDSs. W... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A guard architecture for improved coalition operations

    Publication Year: 2003, Page(s):89 - 94
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (1185 KB) | HTML iconHTML

    Current US military operations with coalition partners or allies are hampered by a lack of computer network interoperability. While this problem can probably be solved long-term for all computer services by new technology, centrally administered, secured, and widely available electronic mail (for authorized and registered users) with attachments between the US SECRET IP Routed Network (SIPRNET) an... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Protecting the integrity of an entire file system

    Publication Year: 2003, Page(s):95 - 105
    Cited by:  Papers (12)  |  Patents (3)
    Request permission for reuse | Click to expandAbstract | PDF file iconPDF (299 KB) | HTML iconHTML

    This paper describes Arbre, a file system designed to run on untrusted remote storage connected to a server by networking fabrics. Arbre structures all blocks as a tree, and stores a pointer pointing to a block and a cryptographic hash of the block's contents together. This scheme allows Arbre to protect the integrity of the entire file system rather than the integrity of each block or each file i... View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Using the trees to find the forest trustworthy computing as a systems-level issue

    Publication Year: 2003, Page(s):109 - 111
    Request permission for reuse | PDF file iconPDF (216 KB) | HTML iconHTML
    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Author index

    Publication Year: 2003, Page(s): 113
    Request permission for reuse | PDF file iconPDF (151 KB)
    Freely Available from IEEE