To evade detection by network-based anomaly detectors, sophisticated attackers are trying to make their malicious traffic resemble legitimate traffic by running attacks through ports used on a daily basis (e.g., port 80 for HTTP). This mimicry traffic is potentially neglected by detectors. In this paper, we propose a Kullback-Leibler (KL) divergence-based method for detecting anomalous traffic mimicking...
The Secure Socket Layer (SSL) and Transport Layer Security (TLS) are the most widely deployed security protocols used in systems required to secure information such as online banking. In this paper, we propose three handshake information-based methods for classifying SSL/TLS servers in terms of security: (1) Distinguished Names-based, (2) protocol version and encryption algorithm-based, and (3) combined...
Denial-of-Service (DoS) and probe attacks are growing more modern and sophisticated in order to evade detection by Intrusion Detection Systems (IDSs) and to increase the potent threat to the availability of network services. Detecting these attacks is quite tough for network operators using misuse-based IDSs because they need to see through attackers and upgrade their IDSs by adding new accurate attack...
Time series arise frequently in many science and engineering applications, including finance, digital audio, motion capture, network security, and transportation. In this work, we propose a technique for discovering anomalies in time series that takes advantage of the Symbolic Aggregate approXimation (SAX) technique and inspiration from a motif discovery algorithm. We use SAX to reduce the dimension...
There are two popular ways to distribute software in the Linux world: as source code or as a pre-compiled binary. Source-code distribution is suitable for open-source software. However, for closed-source software, a pre-compiled binary is the only option. Unlike Windows, there are many versions of Linux distributions, such as Ubuntu, Red Hat, CentOS, and Debian. Different Linux distributions require...
Traditional works in traffic classification usually measure usage of mail applications by monitoring only SMTP, IMAP, and POP3 traffic. The shortcoming of such measurement is that it does not take into account Web-based email usage (Webmail) since the Webmail traffic is usually classified collectively as HTTP or Web traffic. The simple way to identify Webmail traffic is mapping source or destination...