|
[1] M. Fisk and G. Varghese, \Applying Fast String Matching to Intrusion Detection," Sept. 2002. [Online]. Available: http://public.lanl.gov/ mfisk/papers/setmatch-raid.pdf. [2] S. Antonatos, K. G. Anagnostakis, E. P. Markatos and M. Polychron- akis, \Performance Analysis of Content Matching Intrusion Detection Systems," Intl. Symp. Applications and the Internet (SAINT04), Tokyo, Japan, Jan. 2004. [3] P. C. Lin, Y. D. Lin, Y. C. Lai and T. H. Lee, \Using String Matching for Deep Packet Inspection," IEEE Computer, vol. 41, issue 4, pp. 23-28, Apr. 2008. [4] M. Norton, \Optimizing Pattern Matching for Intrusion Detection," [Online]. Available: docs.idsresearch.org/ OptimizingPatternMatchingForIDS.pdf. [5] K. G. Anagnostakis, E. P. Markatos, S. Antonatos and M. Polychronatis, \EW2XB: A Domain Specic String Matching Algorithm for Intrusion Detection," 18th IFIP International Information Security Conference (SEC), Athens, Greece, May 2003. [6] D. Luchaup, R. Smith, C. Estan and S. Jha, \Multi-byte Regular Ex- pression Matching with Speculation," Intl. Symp. on Recent Advances In Intrusion Detection (RAID), Saint-Malo, Brittany, France, Sept. 2009. [7] S. Artan and H. J. Chao, \10-Gbps High-Speed Single-Chip Network In- trusion Detection System," IEEE Globecom, Washington DC, Nov. 2007. [8] T. H. Lee, \Hardware Architecture for High-performance Regular Ex- pression Matching," IEEE Tran. Computers, vol. 58, no. 7, pp. 984-993, July 2009. [9] C. R. Meiners, J. Patel, E. Norige, E. Torng and A. X. Liu, \Fast Regu- lar Expression Matching Using Small TCAMs for Network Intrusion De- tection and Prevention Systems," Proc. USENIX Security Symposium, Washington DC, Aug. 2010. [10] R. Sommer, V. Paxson and N. Weaver, \An Architecture for Exploit- ing Multi-core Processors to Parallelize Network Intrusion Prevention," Concurrency and Computation: Practice and Experience, Special Issue: Multi-core Supported Network and System Security, 21(10), pp.1255-1279, May 2009. [11] D. L. Schu,Y. R. Choe and V. S. Pai, \Conservative vs. optimistic Par- allelization of Stateful Network Intrusion Detection," IEEE Intl. Symp. on Performance Analysis of Systems and Software (ISPASS), Austin, TX, Apr. 2008. [12] V. Paxson, K. Asanovic, S. Dharmapurikar, J. Lockwood, R. Pang, R. Sommer and N. Weaver, \Rethinking Hardware Support for Network Analysis and Intrusion Prevention," Proc. USENIX Hot Security, Van- couver, B.C., Canada, Aug. 2006. [13] V. Paxson, \Considerations and Pitfalls for Conducting Intrusion Detec- tion Research," Invited talk in SIDAR Conf. on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), Lucerne, Switzer- land, July 2007. [14] M. Handley, C. Kreibich and V. Paxson, \Network Intrusion Detec- tion: Evasion, Trac Normalization, and End-to-end Protocol Seman- tics," Proc. USENIX Security Symposium, Washington D.C., Aug. 2001. [15] R. Smith, C. Estan and S. Jha, \Backtracking algorithmic complexity attacks against a NIDS," Proc. Annual Computer Security Applications Conference (ACSAC), Miami Beach, FL, Dec. 2006. [16] J. B. D. Cabrera, J. Gosar, W. Lee and R. K. Mehra, \On the Statistical Distribution of Processing Times in Network Intrusion Detection," IEEE Conf. on Decision and Control, Bahamas, Dec. 2004. [17] A. V. Aho and M. J. Corasick, \Ecient String Matching: an Aid to Bibliographic Search," Commu. of the ACM, vol. 18, issue 6, pp. 333-340, Jun. 1975. [18] Fang Yu, Zhifeng Chen, Yanlei Diao, T. V. Lakshman, Randy H. Katz, \Proc. Symp. Architectures Networking and Comm. Systems" (ANCS 06), ACM Press, 2006. [19] N. Tuck, T. Sherwood, B. Calder and G. Varghese, \Deterministic Memory-ecient String Matching Algorithms for Intrusion Detection," IEEE INFOCOM, Hong Kong, Mar. 2004. [20] S. Dharmapurikar and J. Lockwood, \Fast and Scalable Pattern Match- ing for Content Filtering," Proc. Symp. on Architectures for Networking and Communications Systems (ANCS), Princeton, NJ, Oct. 2005. [21] S. Dharmapurikar, P. Krishnamurthy, T. S. Sproull and J. Lockwood, \Deep Packet Inspection Using Parallel Bloom Filters," IEEE Micro, vol. 24, issue 1, pp. 52-61, Jan.-Feb. 2004. [22] Intel, \Supra-linear Packet Processing Performance with Intel Multi-core Processors," Intel White Paper, 2006. [23] G. Vasiliadis, S. Antonatos, M. Polychronakis, E. P. Markatos and S. Ioannidis, \Gnort: high performance network intrusion detection using graphics processors," Proc. of the 11th International Symposium on Re- cent Advances in Intrusion Detection (RAID), Cambridge, MA, Sept. 2008. [24] H. Dreger, A. Feldmann, V. Paxson and R. Sommer, \Operational Ex- periences with High-Volume Network Intrusion Detection," Proc. ACM Computer and Communications Security (CCS), Washington DC, Oct. 2004. [25] H. Dreger, A. Feldmann, V. Paxson and R. Sommer, \Predicting the Resource Consumption of Network Intrusion Detection Systems," Proc. ACM Computer and Communications Security (CCS), Washington DC, Oct. 2008. [26] Y. D. Lin, I. W. Chen, P. C. Lin, C. S. Chen, C. H. Hsu, On Campus Beta Site: Architecture Designs, Operational Experience, and Top Product Defects, IEEE Communications Magazine, to appear. [27] W. Lee, W. F, M. Miller, S. J. Stolfo and E. Zodak, \Toward Cost- Sensitive Modeling for Intrusion Detection and Response", Journal of Computer Security, vol. 10, issue 1-2, pp. 5-22, 2002. [28] W. Lee, J. B. D. Cabrera, A. Thomas, N. Balwalli, S. Saluja and Y. Zhang, \Performance Adaptation in Real-Time Intrusion Detection Sys- tems," Intl. Symp. on Recent Advances In Intrusion Detection (RAID), Zurich, Switzerland, Oct. 2002. [29] M. Rehak, E. Staab, V. Fusenig, M. Pechoucek, M. Grill, J. Stiborek, K. Bartos and T. Engel, \Runtime Monitoring and Dynamic Reconguration for Intrusion Detection Systems," Intl. Symp. on Recent Advances In Intrusion Detection (RAID), Saint-Malo, Brittany, France, Sept. 2009. [30] S. Dharmapurikar and V. Paxson, \Robust TCP Stream Reassembly in the Presence of Adversaries," Proc. USENIX Security Symposium, Balti- more, MD, Aug. 2005. [31] G. Maier, R. Sommer, H. Dreger, A. Feldmann, V. Paxson and F. Schneider, \Enriching Network Security Analysis with Time Travel," Proc. ACM SIGCOMM, Seattle, WA, Aug. 2008. [32] Y. D. Lin, T. H. Cheng, P. C. Lin, I. W. Chen and Y. C. Lai,\Low- storage Capture and Loss-recovery Selective Replay of Real Flows," In preparation. [33] R. Pang and V. Paxson, \A High-level Programming Environment for Packet Trace Anonymization and Transformation," ACM SIGCOMM, Karlsruhe, Germany, Aug. 2003.
|