TOWARDS RUN-TIME PROTOCOL ANOMALY DETECTION AND VERIFICATION

Inseon Yoo; Ulrich Ultes-nitsche

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

TOWARDS RUN-TIME PROTOCOL ANOMALY DETECTION AND VERIFICATION

Topics: Intrusion Detection and Vulnerability Assessment; Network Security and Protocols (Ipsec)

In Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE, 299-304, 2004 , Setúbal, Portugal

Authors: Inseon Yoo ¹ and Ulrich Ultes-nitsche ²

Affiliations: ¹ Universitiy of Fribourg, Switzerland ; ² University of Fribourg, Switzerland

Keyword(s): Run-time Protocol Verification, Protocol Anomaly Detection, SDL, EFSM/CEFSM.

Related Ontology Subjects/Areas/Topics: Information and Systems Security ; Intrusion Detection & Prevention ; Network Security

Abstract: `How to verify incoming packets whether they follow standards or not?' and `How to detect protocol anomalies in real-time?', we seek to answer these questions. In order to solve these questions, we have designed a packet verifier with packet inspection and sanity check. In this work, we specify TCP transaction behaviours declaratively in a high-level language called Specification and Description Language (SDL). This specification will be then compiled into an inspection engine program for oberving packets. In addition, the SanityChecker covers protocol header anomalies.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 3.16.83.150

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Yoo, I. and Ultes-nitsche, U. (2004). TOWARDS RUN-TIME PROTOCOL ANOMALY DETECTION AND VERIFICATION. In Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE; ISBN 972-8865-15-5; ISSN 2184-3236, SciTePress, pages 299-304. DOI: 10.5220/0001395802990304

@conference{icete04,
author={Inseon Yoo. and Ulrich Ultes{-}nitsche.},
title={TOWARDS RUN-TIME PROTOCOL ANOMALY DETECTION AND VERIFICATION},
booktitle={Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE},
year={2004},
pages={299-304},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001395802990304},
isbn={972-8865-15-5},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE
TI - TOWARDS RUN-TIME PROTOCOL ANOMALY DETECTION AND VERIFICATION
SN - 972-8865-15-5
IS - 2184-3236
AU - Yoo, I.
AU - Ultes-nitsche, U.
PY - 2004
SP - 299
EP - 304
DO - 10.5220/0001395802990304
PB - SciTePress