Intrusions and misuses of computer systems are becoming a major concern. Our nation's infrastructure is heavily network based in all industries. However, the nation's network infrastructure can't deal with attacks on a local or global scale, leaving network and computer security up to an organization's individual efforts. With the growing concern with regard…
Moving Target Defense techniques have been proposed to increase uncertainty and apparent complexity for attackers. When more than one Moving Target Defense technique is effective to limit opportunities of an attack, it is required to compare these techniques and select the best defense choice. In this paper, we propose a three-layer model to evaluate and…
Computer forensics is the preservation, analysis, and interpretation of computer data. It is a crucial tool in the arsenal of law enforcement investigators, national security analysts, and corporate computer emergency response teams. There is a need for software that aids investigators in locating data on hard drives left by persons committing illegal…
As computer and network intrusions become more and more of a concern, the need for better capabilities to assist in the detection and analysis of intrusions also increases. System administrators typically rely on log files to analyze usage and detect misuse. However, as a consequence of the amount of data collected by each machine, multiplied by the tens or…
We present a search for standard model (SM) Higgs boson production using pp collision data at $\sqrt{s} = 1.96$ TeV, collected with the CDF II detector and corresponding to an integrated luminosity of 4.8 fb$^{-1}$. We search for Higgs bosons produced in all processes with a significant production rate and decaying to two W bosons. We find no evidence for…
We present a search for the technicolor particles $\rho_T$ and $\pi_T$ in the process $pp \to \rho_T \to W\pi_T$ at a center of mass energy of $\sqrt{s} = 1.96$ TeV. The search uses a data sample corresponding to approximately 1.9 fb$^{-1}$ of integrated luminosity accumulated by the CDF II detector at the Fermilab Tevatron. The event signature we consider is $W \to \ell\nu$ and…
We present a novel paradigm for visual correlation of network alerts from disparate logs. This paradigm facilitates and promotes situational awareness in complex network environments. Our approach is based on the notion that, by definition, an alert must possess three attributes, namely: What, When, and Where. This fundamental premise, which we term $w^3$,…