One of the most controversial issues in intrusion detection is automating responses to intrusions, which can provide a more efficient, quicker, and more precise way to react to an attack in progress than a human. However, it comes with several disadvantages that can lead to a waste of resources, which has so far prevented wide acceptance of automated…
The Ad hoc On-Demand Distance Vector (AODV) routing protocol, designed for mobile ad hoc networks, offers quick adaptation to dynamic link conditions, low processing and memory overhead, and low network utilization. However, without keeping in mind the security issues in the protocol design, AODV is vulnerable to various kinds of attacks. This paper…
We present a method for detecting exploitations of vulnerabilities in privileged programs by monitoring their execution using audit trails, where the monitoring is with respect to specifications of the security-relevant behavior of the programs. Our work is motivated by the intrusion detection paradigm, but is an attempt to avoid ad hoc approaches to…
Intrusion detection in MANETs is challenging because these networks change their topologies dynamically; lack concentration points where aggregated traffic can be analyzed; utilize infrastructure protocols that are susceptible to manipulation; and rely on noisy, intermittent wireless communications. We present a cooperative, distributed intrusion…
NetKuang is an extension to Baldwin's SU-Kuang. It runs on networks of computers using Unix and can find vulnerabilities created by poor system configuration. Vulnerabilities are discovered using a backwards goal-based search that is breadth-first on individual hosts and parallel when multiple hosts are checked. An implementation in C++ found real…
We present a solution to the denial of service problem for routing infrastructures. When a network suffers from denial of service, packets cannot reach their destinations. Existing routing protocols are not well-equipped to deal with denial of service; a misbehaving router, which may be caused by software/hardware faults, misconfiguration, or malicious…
Committee in Charge 1996. Acknowledgements: I am deeply indebted to my advisors, Karl Levitt and Manfred Ruschitzka. Without their help and guidance, I was not able to finish this work. Special thanks to Karl for his precious time and energy, and his patience in teaching me not only how to perform research, but also how to write proposals,…
When computer security violations are detected, computer forensic analysts attempting to determine the relevant causes and effects are forced to perform the tedious tasks of finding and preserving useful clues in large networks of operational machines. To augment a computer crime investigator's efforts, the approach presented in this paper is an expert…
A Mobile Ad Hoc Network (MANET) is a distributed communication platform for mobile wireless nodes. Because of the lack of a centralized monitoring point, intrusion detection systems (IDS) for MANET are usually developed using a distributed architecture where detectors are deployed at each node to cooperatively detect attacks. However, most of these…