Es gibt keine deutsche Übersetzung dieser Webseite.

Robin Sommer's Publications

Enhancing the Accuracy of Network-based Intrusion Detection with Host-based Context
Zitatschlüssel	DKPS-EANIDHC-05
Autor	Dreger, Holger and Kreibich, Christian and Paxson, Vern and Sommer, Robin
Buchtitel	Proceedings of the 2nd GI Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2005)
Jahr	2005
Zusammenfassung	In the recent past, both network- and host-based approaches to intrusion detection have received much attention in the network security community. No approach, taken exclusively, provides a satisfactory solution: network-based systems are prone to evasion, while host-based solutions suffer from scalability and maintenance problems. In this paper we present an integrated approach, leveraging the best of both worlds: we preserve the advantages of network-based detection, but alleviate its weaknesses by improving the accuracy of the traffic analysis with specific host-based context. Our framework preserves a separation of policy from mechanism, is highly configurable and more flexible than sensor/manager-based architectures, and imposes a low overhead on the involved end hosts. We include a case study of our approach for a notoriously hard problem for purely network-based systems: the correct processing of HTTP requests.