Wade Gasior

Learn More
— The alerts produced by network-based intrusion detection systems, e.g. Snort, can be difficult for network administrators to efficiently review and respond to due to the enormous number of alerts generated in a short time frame. This work describes how the visualization of raw IDS alert data assists network administrators in understanding the current(More)
In this paper, we present a method to discover, visualize, and predict behavior pattern of attackers in a network based system. We proposed a system that is able to discover temporal pattern of intrusion which reveal behaviors of attackers using alerts generated by Intrusion Detection System (IDS). We use data mining techniques to find the patterns of(More)
The ShadowNet infrastructure for insider cyber attack prevention is comprised of a tiered server system that is able to dynamically redirect dangerous/suspicious network traffic away from production servers that provide web, ftp, database and other vital services to cloned virtual machines in a quarantined environment. This is done transparently from the(More)
Today's Intrusion detection systems when deployed on a busy network overload the network with huge number of alerts. This behavior of producing too much raw information makes network based intrusion detection systems less effective. We propose a system which groups and analyzes the alerts generated by Snort to visualize possible intrusions in a network. Our(More)
  • 1