Share This Author
Bitmap Algorithms for Counting Active Flows on High-Speed Links
A family of bitmap algorithms that address the problem of counting the number of distinct header patterns (flows) seen on a high-speed link and can be used to detect DoS attacks and port scans and to solve measurement problems.
Eliminating Steganography in Internet Traffic with Active Wardens
This paper examines the techniques and challenges of a high-bandwidth, unattended, real-time, active warden in the context of a network firewall, and introduces the concept of Minimal Requisite Fidelity (MRF) as a measure of the degree of signal fidelity that is both acceptable to end users and destructive to covert communications.
Fast Content-Based Packet Handling for Intrusion Detection
The problem of intrusion detection is restructured to allow the use of more efficient string matching algorithms that operate on sets of patterns in parallel and a new string matching algorithm is introduced that has average-case performance that is better than the best theoretical algorithm and muchbetter than the currently deployed algorithm.
Scan Statistics for the Online Detection of Locally Anomalous Subgraphs
- Joshua Neil, Curtis L. Hash, Alex Brugh, M. Fisk, C. Storlie
- Computer ScienceTechnometrics
- 2 August 2013
We introduce a computationally scalable method for detecting small anomalous areas in a large, time-dependent computer network, motivated by the challenge of identifying intruders operating inside…
DYNAMIC RIGHT-SIZING IN TCP.
This work proposes an operating technique called dynamic right-sizing that eliminates the need for this manual process of manually tuning system buffers to make TCP flow-control scale to meet the needs of today's bandwidth-rich networks.
Applying Fast String Matching to Intrusion Detection
This paper develops a hybrid system that utilizes three different search algorithms, including one new algorithm presented in this paper, which is a system that matches many common packets 5 times faster with an average speedup of 50%.
Privacy Principles for Sharing Cyber Security Data
- Gina Fisk, Calvin Ardi, Neale Pickett, J. Heidemann, M. Fisk, C. Papadopoulos
- Computer ScienceIEEE Security and Privacy Workshops
- 21 May 2015
Application of these principles can reduce the risk of data exposure and help manage trust requirements for data sharing, helping to meet the goal of balancing privacy, organizational risk, and the ability to better respond to security with shared information.
Automatic Flow-Control Adaptation for Enhancing Network Performance in Computational Grids
An automated and lightweight technique called dynamic right-sizing is described that can improve throughput by as much as an order of magnitude while still abiding by TCP semantics.
Dynamic right-sizing in FTP (drsFTP): Enhancing Grid performance in user-space
- M. Gardner, Wu-chun Feng, M. Fisk
- Computer ScienceProceedings 11th IEEE International Symposium on…
- 24 July 2002
An automated and scalable technique called dynamic right-sizing is described, which is implemented in user space (in particular for bulk-data transfer) so that end users do not have to modify the kernel to achieve a significant increase in throughput.
Counting the number of active flows on a high speed link
This paper addresses a basic function common to several security and measurement applications running at line speeds: counting the number of distinct header patterns (flows) seen on a high speed link in a specified time period and provides algorithms solving the flow counting problem using extremely small amounts of memory.