An Algorithm for Anomaly-based Botnet Detection
tl;dr
We present an anomaly-based algorithm for detecting IRC-based botnet meshes.
  • 318
  • 19
  • Open Access
Traffic Analysis of UDP-based Flows in Ourmon
tl;dr
We present a custom UDP flow tuple with an IP address key and a set of simple related statistical attributes.
  • 3
  • 1
  • Open Access
Ourmon and Network Monitoring Performance
tl;dr
Ourmon is an open-source network management and anomaly detection system that has been developed over a period of several years at Portland State University.
  • 10
  • Open Access
Secure Mobile Networking
Abstract: This project produced a Secure Mobile Network (SMN) system for secure enclaves or virtual networks among mobile workstations, an integrated Mobile-IP/IPSEC system in which Mobile Nodes use
  • 1
Ourmon and Network Monitoring Performance Extended Abstract
Open source intrusion detection systems are increasingly being deployed as protection against network-initiated attacks. While such systems can be highly effective against known threats, they are more