Learn More
Worm detection systems have traditionally used global strategies and focused on scan rates. The noise associated with this approach requires statistical techniques and large data sets (e.g., ¢ ¤ £ ¦ ¥ monitored machines) to avoid false pos-itives. Worm detection techniques for smaller local networks have not been fully explored. We consider how local(More)
In this paper we propose a methodology for utilizing Network Management Systems for the early detection of Distributed Denial of Service (DDoS) Attacks. Although there are quite a large number of events that are prior to an attack (e.g. suspicious log-ons, start of processes, addition of new files, sudden shifts in traffic, etc.), in this work we depend(More)
Worm detection systems have traditionally focused on global strategies. In the absence of a global worm detection system, we examine the effectiveness of local worm detection and response strategies. This paper makes three contributions: (1) We propose a simple two-phase local worm victim detection algorithm, DSC (Destination-Source Correlation), based on(More)
In our earlier work we have proposed and developed a methodology for the early detection of Distributed Denial of Service (DDoS) attacks. In this paper, we examine the applicability of Proactive Intrusion Detection on a considerably more complex setup , with hosts associated with three clusters, connected by routers. Background TCP, UDP and ICMP traffic(More)
Heterogeneous and distributed nature of the Internet makes it very diicult to customize security protocols and policies in order to satisfy the security needs of applications. Celestial network security management project addresses this issue through building an infrastructure that can dynamically set up inter-domain secure communication channels upon the(More)
  • 1