Learn More
We report a vulnerability to network signature-based IDS which we have tested using Snort and we call “Squealing”. This vulnerability has significant implications since it can easily be generalized to any IDS. The vulnerability of signature-based IDS to high false positive rates has been welldocumented but we go further to show (at a high level) how packets(More)
0 7 4 0 7 4 5 9 / 0 1 / $ 1 0 . 0 0 © 2 0 0 1 I E E E crash is becoming less of an option. Such crashes are becoming increasingly expensive to business and potentially life threatening to those who depend on essential services built on networked software systems. As the makeup of systems is increasingly composed of software relative to hardware, system(More)
ISBN 555555555/$10.00  2002 IEEE Abstract This paper proposes a new paradigm of whole system survivability as a goal over individual component security solutions. We introduce an adaptive multi-layer framework such that survivability can be effectively and efficiently provided to protect an entire system against intelligent malicious attacks. This new(More)
The poor state of security on the Internet calls for more effective ways to protect networked systems from attacks. One solution is to be able to counter attack with offensive capabilities. With attacker information available, companies find themselves in a dilemma – counter attack for immediate self-defense, retaliate for future deterrence, inform the(More)