Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection

  title={Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection},
  author={Holger Dreger and Anja Feldmann},
  booktitle={USENIX Security Symposium},
Many network intrusion detection systems (NIDS) rely on protocol-specific analyzers to extract the higher-level semantic context from a traffic stream. To select the correct kind of analysis, traditional systems exclusively depend on well-known port numbers. However, based on our experience, increasingly significant portions of today’s traffic are not classifiable by such a scheme. Yet for a NIDS, this traffic is very interesting, as a primary reason for not using a standard port is to evade… CONTINUE READING
Highly Influential
This paper has highly influenced 13 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 185 citations. REVIEW CITATIONS
132 Citations
27 References
Similar Papers


Publications citing this paper.

186 Citations

Citations per Year
Semantic Scholar estimates that this publication has 186 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-10 of 27 references

Nat-O-Mat: Ein generisches Intrusion Prevention System

  • D. Fliegl, T. Baur, H. Reiser
  • In Proc. 20. DFN- Arbeitstagung über…
  • 2006
1 Excerpt

Dynamic Protocol Analysis for Network Intrusion Detection Systems

  • M. Mai
  • Master’s thesis, TU München,
  • 2005
2 Excerpts

Similar Papers

Loading similar papers…