One of the most controversial issues in intrusion detection is automating responses to intrusions, which can provide a more efficient, quicker, and precise way to react to an attack in progress than a human. However, it comes with several disadvantages that can lead to a waste of resources, which has so far prevented wide acceptance of automated…
The Ad hoc On-Demand Distance Vector (AODV) routing protocol, designed for mobile ad hoc networks, offers quick adaptation to dynamic link conditions, low processing and memory overhead, and low network utilization. However, without keeping in mind the security issues in the protocol design, AODV is vulnerable to various kinds of attacks. This paper…
Intrusion detection in MANETs is challenging because these networks change their topologies dynamically; lack concentration points where aggregated traffic can be analyzed; utilize infrastructure protocols that are susceptible to manipulation; and rely on noisy, intermittent wireless communications. We present a cooperative, distributed intrusion…
NetKuang is an extension to Baldwin's SU-Kuang. It runs on networks of computers using Unix and can find vulnerabilities created by poor system configuration. Vulnerabilities are discovered using a backwards goal-based search that is breadth-first on individual hosts and parallel when multiple hosts are checked. An implementation in C++ found real…
This paper describes a specification-based approach to detect exploitations of vulnerabilities in security-critical programs. The approach utilizes security specifications that describe the intended behavior of programs and scans audit trails for operations that are in violation of the specifications. We developed a formal framework for specifying the…
We present a method for detecting exploitations of vulnerabilities in privileged programs by monitoring their execution using audit trails, where the monitoring is with respect to specifications of the security-relevant behavior of the programs. Our work is motivated by the intrusion detection paradigm, but is an attempt to avoid ad hoc approaches to…
Despite the necessity of protecting information stored in database systems (DBS), existing security models are insufficient to prevent misuse, especially insider abuse by legitimate users. Further, concepts for misuse detection in DBS have not been adequately addressed by existing research in misuse detection. Even though there are available means to guard…
We present a solution to the denial of service problem for routing infrastructures. When a network suffers from denial of service, packets cannot reach their destinations. Existing routing protocols are not well-equipped to deal with denial of service; a misbehaving router, which may be caused by software/hardware faults, misconfiguration, or malicious…