Check out the new USENIX Web site. next up previous
Next: Normalizations performed by norm Up: Network Intrusion Detection: Evasion, Previous: Acknowledgments

Bibliography

1
M. Allman, D. Glover and L. Sanchez.
Enhancing TCP Over Satellite Channels using Standard Mechanisms.
RFC 2488, Jan. 1999.

2
Anzen Computing.
fragrouter, 1999.
https://www.anzen.com/research/nidsbench/

3
Fyodor.
nmap, 2001.
https://www.insecure.org/nmap/

4
M. Handley, C. Kreibich, and V. Paxson.
Draft technical report, to appear at https://www.aciri.org/vern/papers/norm-TR-2001.ps.gz, 2001.

5
horizon <jmcdonal@unf.edu>.
Defeating Sniffers and Intrusion Detection Systems.
Phrack Magazine Volume 8, Issue 54, Dec. 25th, 1998.

6
C. Kent and J. Mogul.
Fragmentation Considered Harmful.
Proc. ACM SIGCOMM, 1987.

7
E. Kohler, R. Morris, B. Chen, J. Jannotti and M.F. Kaashoek.
The Click modular router.
ACM Transactions on Computer Systems, 18(3), pp. 263-297, Aug. 2000.

8
G. R. Malan, D. Watson, F. Jahanian and P. Howell.
Transport and Application Protocol Scrubbing.
Proceedings of the IEEE INFOCOM 2000 Conference, Tel Aviv, Israel, Mar. 2000.

9
L. Deri and S. Suin.
Improving Network Security Using Ntop.
Proc. Third International Workshop on the Recent Advances in Intrusion Detection (RAID 2000), Toulouse, France, Oct. 2000.

10
S. McCanne, C. Leres and V. Jacobson.
libpcap, 1994.
ftp://ftp.ee.lbl.gov/libpcap.tar.Z

11
K. Nichols, S. Blake, F. Baker and D. Black.
Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers.
RFC 2474, Dec. 1998.

12
V. Paxson.
Bro: A System for Detecting Network Intruders in Real-Time.
Computer Networks, 31(23-24), pp. 2435-2463, 14 Dec 1999.

13
V. Paxson and M. Handley.
Defending Against NIDS Evasion using Traffic Normalizers.
Presented at Second International Workshop on the Recent Advances in Intrusion Detection, Sept. 1999.

14
T. H. Ptacek and T. N. Newsham.
Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection.
Secure Networks, Inc., Jan. 1988.
https://www.aciri.org/vern/Ptacek-Newsham-Evasion-98.ps

15
K. Ramakrishnan and S. Floyd.
A Proposal to add Explicit Congestion Notification (ECN) to IP.
RFC 2481, Jan. 1999.

16
S. Sanfilippo.
new tcp scan method.
Bugtraq, Dec. 18, 1998.

17
M. Smart, G.R. Malan and F. Jahanian.
Defeating TCP/IP Stack Fingerprinting.
Proc. USENIX Security Symposium, Aug. 2000.

18
M. de Vivo, E. Carrasco, G. Isern and G. de Vivo.
A Review of Port Scanning Techniques.
Computer Communication Review, 29(2), April 1999.



Vern Paxson
2001-05-22