FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W88694106> ?p ?o ?g. }

• W88694106 endingPage "19" @default.
• W88694106 startingPage "19" @default.
• W88694106 abstract "Today's Internet intrusion detection systems (IDSes) monitor edge networks' DMZs to identify and/or filter malicious flows. While an IDS helps protect the hosts on its local edge network from compromise and denial of service, it cannot alone effectively intervene to halt and reverse the spreading of novel Internet worms. Generation of the worm signatures required by an IDS--the byte patterns sought in monitored traffic to identify worms--today entails non-trivial human labor, and thus significant delay: as network operators detect anomalous behavior, they communicate with one another and manually study packet traces to produce a worm signature. Yet intervention must occur early in an epidemic to halt a worm's spread. In this paper, we describe Autograph, a system that automatically generates signatures for novel Internet worms that propagate using TCP transport. Autograph generates signatures by analyzing the prevalence of portions of flow payloads, and thus uses no knowledge of protocol semantics above the TCP level. It is designed to produce signatures that exhibit high sensitivity (high true positives) and high specificity (low false positives); our evaluation of the system on real DMZ traces validates that it achieves these goals. We extend Autograph to share port scan reports among distributed monitor instances, and using trace-driven simulation, demonstrate the value of this technique in speeding the generation of signatures for novel worms. Our results elucidate the fundamental trade-off between early generation of signatures for novel worms and the specificity of these generated signatures." @default.
• W88694106 created "2016-06-24" @default.
• W88694106 creator A5004468633 @default.
• W88694106 creator A5048476303 @default.
• W88694106 date "2004-08-13" @default.
• W88694106 modified "2023-09-26" @default.
• W88694106 title "Autograph: toward automated, distributed worm signature detection" @default.
• W88694106 cites W1498585374 @default.
• W88694106 cites W1514368868 @default.
• W88694106 cites W1516506771 @default.
• W88694106 cites W1518067596 @default.
• W88694106 cites W1544837488 @default.
• W88694106 cites W1597305440 @default.
• W88694106 cites W1605124321 @default.
• W88694106 cites W1649901946 @default.
• W88694106 cites W1744212210 @default.
• W88694106 cites W2033811087 @default.
• W88694106 cites W2056980397 @default.
• W88694106 cites W2083477206 @default.
• W88694106 cites W2099040451 @default.
• W88694106 cites W2134006599 @default.
• W88694106 cites W2156644501 @default.
• W88694106 cites W1533186666 @default.
• W88694106 hasPublicationYear "2004" @default.
• W88694106 type Work @default.
• W88694106 sameAs 88694106 @default.
• W88694106 citedByCount "333" @default.
• W88694106 countsByYear W886941062012 @default.
• W88694106 countsByYear W886941062013 @default.
• W88694106 countsByYear W886941062014 @default.
• W88694106 countsByYear W886941062015 @default.
• W88694106 countsByYear W886941062016 @default.
• W88694106 countsByYear W886941062017 @default.
• W88694106 countsByYear W886941062018 @default.
• W88694106 countsByYear W886941062019 @default.
• W88694106 countsByYear W886941062020 @default.
• W88694106 countsByYear W886941062021 @default.
• W88694106 countsByYear W886941062022 @default.
• W88694106 crossrefType "proceedings-article" @default.
• W88694106 hasAuthorship W88694106A5004468633 @default.
• W88694106 hasAuthorship W88694106A5048476303 @default.
• W88694106 hasConcept C110875604 @default.
• W88694106 hasConcept C111919701 @default.
• W88694106 hasConcept C142362112 @default.
• W88694106 hasConcept C154945302 @default.
• W88694106 hasConcept C158379750 @default.
• W88694106 hasConcept C195219913 @default.
• W88694106 hasConcept C21639389 @default.
• W88694106 hasConcept C22735295 @default.
• W88694106 hasConcept C31258907 @default.
• W88694106 hasConcept C35525427 @default.
• W88694106 hasConcept C38652104 @default.
• W88694106 hasConcept C38822068 @default.
• W88694106 hasConcept C41008148 @default.
• W88694106 hasConcept C52119013 @default.
• W88694106 hasConcept C64869954 @default.
• W88694106 hasConceptScore W88694106C110875604 @default.
• W88694106 hasConceptScore W88694106C111919701 @default.
• W88694106 hasConceptScore W88694106C142362112 @default.
• W88694106 hasConceptScore W88694106C154945302 @default.
• W88694106 hasConceptScore W88694106C158379750 @default.
• W88694106 hasConceptScore W88694106C195219913 @default.
• W88694106 hasConceptScore W88694106C21639389 @default.
• W88694106 hasConceptScore W88694106C22735295 @default.
• W88694106 hasConceptScore W88694106C31258907 @default.
• W88694106 hasConceptScore W88694106C35525427 @default.
• W88694106 hasConceptScore W88694106C38652104 @default.
• W88694106 hasConceptScore W88694106C38822068 @default.
• W88694106 hasConceptScore W88694106C41008148 @default.
• W88694106 hasConceptScore W88694106C52119013 @default.
• W88694106 hasConceptScore W88694106C64869954 @default.
• W88694106 hasLocation W886941061 @default.
• W88694106 hasOpenAccess W88694106 @default.
• W88694106 hasPrimaryLocation W886941061 @default.
• W88694106 hasRelatedWork W1490025813 @default.
• W88694106 hasRelatedWork W1597305440 @default.
• W88694106 hasRelatedWork W1873122431 @default.
• W88694106 hasRelatedWork W2033811087 @default.
• W88694106 hasRelatedWork W2102970979 @default.
• W88694106 hasRelatedWork W2120933731 @default.
• W88694106 hasRelatedWork W2134006599 @default.
• W88694106 hasRelatedWork W2137786570 @default.
• W88694106 hasRelatedWork W2142892618 @default.
• W88694106 hasRelatedWork W2159919478 @default.
• W88694106 hasRelatedWork W2165100126 @default.
• W88694106 hasRelatedWork W1685449055 @default.
• W88694106 hasRelatedWork W1838763948 @default.
• W88694106 hasRelatedWork W1859962938 @default.
• W88694106 hasRelatedWork W1867952266 @default.
• W88694106 hasRelatedWork W1908791074 @default.
• W88694106 hasRelatedWork W1909588552 @default.
• W88694106 hasRelatedWork W1924444110 @default.
• W88694106 hasRelatedWork W2118511626 @default.
• W88694106 hasRelatedWork W2148365541 @default.
• W88694106 isParatext "false" @default.
• W88694106 isRetracted "false" @default.
• W88694106 magId "88694106" @default.
• W88694106 workType "article" @default.