Abstract | ||
---|---|---|
We present an intrusion-detectiontool aimed at protect- ing web servers, and justify why such a tool is needed. We describe several interesting features, such as the ability to run in real time and to keep track of suspicious hosts. The design is fle xible and the signatures used to detect mali- cious behavior are not limited to simple pattern matching of dangerous cgi scripts. The tool includes mechanisms to reduce the number of false alarms. We conclude with a dis- cussion of the information gained from deploying the tool at various sites. |
Year | Venue | Keywords |
---|---|---|
2000 | NDSS | information gain,pattern matching |
DocType | Citations | PageRank |
Conference | 39 | 8.37 |
References | Authors | |
4 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Magnus Almgren | 1 | 270 | 39.17 |
Hervé Debar | 2 | 1238 | 120.68 |
Marc Dacier | 3 | 896 | 103.38 |