FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W3211991114> ?p ?o ?g. }

• W3211991114 abstract "Network intrusion detection systems (NIDS) can be evaded by carefully crafted packets that exploit implementation-level discrepancies between how they are processed on the NIDS and at the endhosts. These discrepancies arise due to the plethora of endhost implementations and evolutions thereof. It is prohibitive to proactively employ a large set of implementations at the NIDS and check incoming packets against all of those. Hence, NIDS typically choose simplified implementations that attempt to approximate and generalize across the different endhost implementations. Unfortunately, this solution is fundamentally flawed since such approximations are bound to have discrepancies with some endhost implementations. In this paper, we develop a lightweight system Themis, which empowers the NIDS in identifying these discrepancies and reactively forking its connection states when any packets with ambiguities are encountered. Specifically, Themis incorporates an offline phase in which it extracts models from various popular implementations using symbolic execution. During runtime, it maintains a nondeterministic finite automaton to keep track of the states for each possible implementation. Our extensive evaluations show that Themis is extremely effective and can detect all evasion attacks known to date, while consuming extremely low overhead. En route, we also discovered multiple previously unknown discrepancies that can be exploited to bypass current NIDS." @default.
• W3211991114 created "2021-11-22" @default.
• W3211991114 creator A5022038961 @default.
• W3211991114 creator A5026160046 @default.
• W3211991114 creator A5049055215 @default.
• W3211991114 creator A5062977951 @default.
• W3211991114 creator A5067922544 @default.
• W3211991114 creator A5072828043 @default.
• W3211991114 creator A5073465096 @default.
• W3211991114 creator A5081510381 @default.
• W3211991114 creator A5086268637 @default.
• W3211991114 date "2021-11-12" @default.
• W3211991114 modified "2023-10-16" @default.
• W3211991114 title "Themis: Ambiguity-Aware Network Intrusion Detection based on Symbolic Model Comparison" @default.
• W3211991114 cites W1516506771 @default.
• W3211991114 cites W1976919795 @default.
• W3211991114 cites W1979693894 @default.
• W3211991114 cites W2040333627 @default.
• W3211991114 cites W2078186835 @default.
• W3211991114 cites W2094382938 @default.
• W3211991114 cites W2104993088 @default.
• W3211991114 cites W2107147876 @default.
• W3211991114 cites W2132523160 @default.
• W3211991114 cites W2155300758 @default.
• W3211991114 cites W2166509025 @default.
• W3211991114 cites W2538556898 @default.
• W3211991114 cites W2610511123 @default.
• W3211991114 cites W2650293344 @default.
• W3211991114 cites W2768904474 @default.
• W3211991114 cites W2785474195 @default.
• W3211991114 cites W2946925508 @default.
• W3211991114 cites W2963723316 @default.
• W3211991114 cites W2985708757 @default.
• W3211991114 cites W3007237867 @default.
• W3211991114 cites W3043711568 @default.
• W3211991114 cites W3046608336 @default.
• W3211991114 cites W3111490787 @default.
• W3211991114 cites W4232665781 @default.
• W3211991114 cites W4288079251 @default.
• W3211991114 doi "https://doi.org/10.1145/3460120.3484762" @default.
• W3211991114 hasPublicationYear "2021" @default.
• W3211991114 type Work @default.
• W3211991114 sameAs 3211991114 @default.
• W3211991114 citedByCount "0" @default.
• W3211991114 crossrefType "proceedings-article" @default.
• W3211991114 hasAuthorship W3211991114A5022038961 @default.
• W3211991114 hasAuthorship W3211991114A5026160046 @default.
• W3211991114 hasAuthorship W3211991114A5049055215 @default.
• W3211991114 hasAuthorship W3211991114A5062977951 @default.
• W3211991114 hasAuthorship W3211991114A5067922544 @default.
• W3211991114 hasAuthorship W3211991114A5072828043 @default.
• W3211991114 hasAuthorship W3211991114A5073465096 @default.
• W3211991114 hasAuthorship W3211991114A5081510381 @default.
• W3211991114 hasAuthorship W3211991114A5086268637 @default.
• W3211991114 hasBestOaLocation W32119911141 @default.
• W3211991114 hasConcept C112505250 @default.
• W3211991114 hasConcept C120314980 @default.
• W3211991114 hasConcept C158379750 @default.
• W3211991114 hasConcept C165696696 @default.
• W3211991114 hasConcept C176181172 @default.
• W3211991114 hasConcept C199360897 @default.
• W3211991114 hasConcept C203014093 @default.
• W3211991114 hasConcept C26713055 @default.
• W3211991114 hasConcept C2779960059 @default.
• W3211991114 hasConcept C2780522230 @default.
• W3211991114 hasConcept C2781251061 @default.
• W3211991114 hasConcept C31258907 @default.
• W3211991114 hasConcept C35525427 @default.
• W3211991114 hasConcept C38652104 @default.
• W3211991114 hasConcept C41008148 @default.
• W3211991114 hasConcept C80444323 @default.
• W3211991114 hasConcept C86803240 @default.
• W3211991114 hasConcept C8891405 @default.
• W3211991114 hasConceptScore W3211991114C112505250 @default.
• W3211991114 hasConceptScore W3211991114C120314980 @default.
• W3211991114 hasConceptScore W3211991114C158379750 @default.
• W3211991114 hasConceptScore W3211991114C165696696 @default.
• W3211991114 hasConceptScore W3211991114C176181172 @default.
• W3211991114 hasConceptScore W3211991114C199360897 @default.
• W3211991114 hasConceptScore W3211991114C203014093 @default.
• W3211991114 hasConceptScore W3211991114C26713055 @default.
• W3211991114 hasConceptScore W3211991114C2779960059 @default.
• W3211991114 hasConceptScore W3211991114C2780522230 @default.
• W3211991114 hasConceptScore W3211991114C2781251061 @default.
• W3211991114 hasConceptScore W3211991114C31258907 @default.
• W3211991114 hasConceptScore W3211991114C35525427 @default.
• W3211991114 hasConceptScore W3211991114C38652104 @default.
• W3211991114 hasConceptScore W3211991114C41008148 @default.
• W3211991114 hasConceptScore W3211991114C80444323 @default.
• W3211991114 hasConceptScore W3211991114C86803240 @default.
• W3211991114 hasConceptScore W3211991114C8891405 @default.
• W3211991114 hasFunder F4320306076 @default.
• W3211991114 hasFunder F4320338295 @default.
• W3211991114 hasLocation W32119911141 @default.
• W3211991114 hasOpenAccess W3211991114 @default.
• W3211991114 hasPrimaryLocation W32119911141 @default.
• W3211991114 hasRelatedWork W1508315017 @default.
• W3211991114 hasRelatedWork W2092071486 @default.
• W3211991114 hasRelatedWork W2105847876 @default.
• W3211991114 hasRelatedWork W2121002532 @default.

• next