You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Dynamic Protocol Analysis for Network Intrusion Detection Systems

Tags:
network security

Overview Many Network Intrusion Detection Systems (NIDSs) perform application layer protocol analysis. These systems typically infer the protocol from the ports in the TCP or UDP headers. This is not a reliable technique since many protocols do not use fixed ports. On the other hand there exist better methods to identify used application layer protocols e.g. signatures. This paper presents design and implementation of architecture for NIDSs which supports the integration of these advanced methods for dynamic protocol analysis. The design is suitable for analyzing tunneled connections as well. The implementation for the open source system Bro uses its existing signature matching engine as additional protocol detection method.

Further White Paper Details
Publisher	TECHNICAL UNIVERSITY OF MUNICH	File Format	PDF
Date Published	September 2005
Format	White Papers
Topics	Network Security, Security Tools, Intrusion Detection Systems

Did you find this white paper useful? 3 out of 6 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Security: New strides in preventing intrusions.

Publisher:
IBM

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

DTW - DODIIS Trusted Workstation: Intelligence Paradigm for the 21st Century

Publisher:
Sun Microsystems

Developer worries see WAP turning Japanese

But we are already working closely with NTT DoCoMo to put TCP/IP layer in WAP version 2.0, and we expect to have a merged product by the middle of next year. The WAP Forum has set up a working group to extend and adapt its existing protocols to...

Channel:
Mobile & Wireless

OS Wars: Unix vendors prepare to take on Windows XP

We expect broad Unix [HP-UX and Compaq's Tru64] integration claims, and both vendors have already committed to Intel ports," said Jack Gold, an analyst at the Meta Group. Still, the most recent operating system, HP-UX 11i, includes support for...

Channel:
Comment & Analysis

Companies urged to patch Sendmail

Because the vulnerability is contained in an email message, it will bypass firewalls and many intrusion detection systems, said Dan Ingsvaldson, team leader for ISS's vulnerability research group. At present, no attack tool that could exploit the...

Father of the internet says email ID will cure spam

Cerf, who co-created the TCP/IP (Transmission Control Protocol/Internet Protocol) of the internet and now works as chief corporate strategist for MCI, delivered opening remarks at the first inaugural Email Technology Conference.

Channel:
LANs

The dos and don'ts of VoIP security

Additional tools that will help networks in case of any attack are intrusion detection and prevention systems, which scan for rogue incoming packets, and straightforward antivirus software which can help prevent any known threats from disrupting...

Liverpool midwives cull paper with 3G laptops

In the interests of data security, safety and so on… we need to make sure the laptop itself isn't holding any patient data, the midwives can't really do anything with the laptop but enter the data, so we've made sure all the USB ports are locked...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Network Security White Papers

Dynamic Protocol Analysis for Network Intrusion Detection Systems

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific