
Live Traffic Analysis of TCP/IP Gateways
by Phillip Porras & Alfonso Valdes.

From Internet Society's Networks and Distributed Systems Security Symposium.
March, 1998.


Abstract
We enumerate a variety of ways to extend both statistical and signature-based intrusion-detection analysis techniques to monitor network traffic. Specifically, we present techniques to analyze TCP/IP packet streams that flow through network gateways for signs of malicious activity, nonmalicious failures, and other exceptional events. The intent is to demonstrate, by example, the utility of introducing gateway surveillance mechanisms to monitor network traffic. We present this discussion of gateway surveillance mechanisms as complementary to the filtering mechanisms of a large enterprise network, and illustrate the usefulness of surveillance in directly enhancing the security and stability of network operations.
BibTEX Entry
@inproceedings{gateway98,
    AUTHOR = {Phillip {A.} Porras and Alfonso Valdes},
    TITLE = {Live Traffic Analysis of {TCP/IP} Gateways},
    BOOKTITLE = {Internet Society's Networks and Distributed Systems Security Symposium},
    YEAR = {1998},
    MONTH = {March},
    URL = {http://www.sdl.sri.com/papers/gateway98/}
}