You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Enhancing Network Intrusion Detection With Integrated Sampling and Filtering

Tags:
network security

Overview The structure of many standalone Network Intrusion Detection Systems (NIDSs) centers around a chain of analysis that begins with packets captured by a packet filter, where the filter describes the protocols (TCP/UDP port numbers) and sometimes hosts or subnets to include or exclude from the analysis. This paper argues for augmenting such analysis with an additional, separately filtered stream of packets. This "Secondary Path" supplements the "Main Path" by integrating sampling and richer forms of filtering into a NIDS's analysis. It discusses an implementation of a secondary path for the Bro intrusion detection system and enhancements the authors developed to the Berkeley Packet Filter to work in concert with the secondary path.

Further White Paper Details
Publisher	University of California	File Format	PDF
Date Published	July 2006
Format	White Papers
Topics	Network Security, Security Tools, Intrusion Detection Systems

Did you find this white paper useful? 2 out of 7 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

County Government Increases the Security of Its Network

Publisher:
Microsoft

Memorial Manufacturer Streamlines Order Processing, Assures Network Security

Publisher:
Microsoft

Symantec refocuses, Clickmango exits and firms seek talent

New security solutions will include content filtering, intrusion detection, vulnerability assessment and firewall features, in addition to the continued strength of the Antivirus solution. It is also aiming to develop its existing delivery service...

Channel:
Comment & Analysis

Hackers become the meat in a Cisco sandwich

The 4250 can inspect packets at gigabit speed which means quicker detection of any possible attackers and we believe it's the fastest of its kind," he said. Cisco has unveiled two new products as part of its intrusion detection systems (IDS...

Channel:
Security Strategy

Cisco battles Juniper with worms

Platon said the company is also working to extend its intrusion detection technology, which is already shipping as an appliance and as a blade for the Catalyst 6500. A new element in the updated IOS is improved protection against denial of service...

Channel:
Security Strategy

Analysis: The network is the security

Network devices will have the ability to tear apart packets, block malicious code, enforce policies and filter content up and down the OSI (Open Systems Interconnection) stack. This means that the network will perform the same functions that...

VoIP: Don't forget about security

To secure the network, Hancock puts access controllers in his infrastructure to separate voice traffic onto its own LAN and uses quality of service technology to filter out denial of service attacks. I'm waiting to see the security tool which is a...

Channel:
VoIP
Tags:
security,
voip

Cracked: The Great Firewall of China

If an attacker generated 100 triggering packets per second, and each packet caused 20 minutes of disruption, 120,000 pairs of endpoints could be prevented from communicating at any one time. The researchers found it was possible to circumvent the...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Network Security White Papers

Enhancing Network Intrusion Detection With Integrated Sampling and Filtering

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific