• Publications
  • Influence
Securing the Software Defined Network Control Layer
TLDR
We propose the design of security extensions at the control layer to provide the security management and arbitration of conflicting flow rules that arise when multiple applications are deployed within the same network. Expand
  • 184
  • 17
  • PDF
StegoTorus: a camouflage proxy for the Tor anonymity system
TLDR
We present StegoTorus, a tool that comprehensively disguises Tor from protocol analysis. Expand
  • 154
  • 13
  • PDF
Detecting disruptive routers: a distributed network monitoring approach
TLDR
We present a protocol called WATCHERS that detects and reacts to routers that drop or misroute packets. Expand
  • 196
  • 11
  • PDF
Modeling multistep cyber attacks for scenario recognition
TLDR
Efforts toward automated detection and identification of multistep cyber attack scenarios would benefit significantly from a methodology and language for modeling such scenarios. Expand
  • 241
  • 10
  • PDF
Communication pattern anomaly detection in process control systems
  • A. Valdes, S. Cheung
  • Computer Science
  • IEEE Conference on Technologies for Homeland…
  • 11 May 2009
TLDR
We present a learning-based approach for detecting anomalous network traffic patterns in process control networks at much lower false alarm rates. Expand
  • 95
  • 5
  • PDF
Protecting routing infrastructures from denial of service using cooperative intrusion detection
TLDR
We present a solution to the denial of service problem for routing infrastructures. Expand
  • 120
  • 3
  • PDF
Automatic analysis of firewall and network intrusion detection system configurations
TLDR
This paper presents an integrated, constraint-based approach for modeling and reasoning about multiple firewalls and network intrusion detection systems (NIDSs), which can reason automatically about their combined behavior. Expand
  • 61
  • 3
  • PDF
Intrusion Monitoring in Process Control Systems
TLDR
This paper presents a multilayer security architecture that addresses the challenges of PCS monitoring, providing timely and accurate reporting of security-relevant events. Expand
  • 32
  • 3
  • PDF
Denial of service against the Domain Name System
  • S. Cheung
  • Computer Science
  • IEEE Security & Privacy Magazine
  • 2006
TLDR
Proposed countermeasures for Domain Name System denial-of-service attacks against network services . Expand
  • 21
  • 3
  • PDF
An Architecture for an Adaptive Intrusion-Tolerant Server
TLDR
We describe a general architecture for intrusion-tolerant enterprise systems and the implementation of an intrusion tolerant Web server as a specific instance. Expand
  • 54
  • 2
  • PDF