Next: Normalizations performed by norm
Up: Network Intrusion Detection: Evasion,
Previous: Acknowledgments
-
- 1
-
M. Allman, D. Glover and L. Sanchez.
Enhancing TCP Over Satellite Channels using Standard Mechanisms.
RFC 2488, Jan. 1999.
- 2
-
Anzen Computing.
fragrouter, 1999.
https://www.anzen.com/research/nidsbench/
- 3
-
Fyodor.
nmap, 2001.
https://www.insecure.org/nmap/
- 4
-
M. Handley, C. Kreibich, and V. Paxson.
Draft technical report, to appear at
https://www.aciri.org/vern/papers/norm-TR-2001.ps.gz, 2001.
- 5
-
horizon
<jmcdonal@unf.edu>
.
Defeating Sniffers and Intrusion Detection Systems.
Phrack Magazine Volume 8, Issue 54, Dec. 25th, 1998.
- 6
-
C. Kent and J. Mogul.
Fragmentation Considered Harmful.
Proc. ACM SIGCOMM, 1987.
- 7
-
E. Kohler, R. Morris, B. Chen, J. Jannotti and M.F. Kaashoek.
The Click modular router.
ACM Transactions on Computer Systems, 18(3), pp. 263-297, Aug. 2000.
- 8
-
G. R. Malan, D. Watson, F. Jahanian and P. Howell.
Transport and Application Protocol Scrubbing.
Proceedings of the IEEE INFOCOM 2000 Conference, Tel Aviv, Israel, Mar. 2000.
- 9
-
L. Deri and S. Suin.
Improving Network Security Using Ntop.
Proc. Third International Workshop on the Recent Advances in Intrusion Detection (RAID 2000), Toulouse, France, Oct. 2000.
- 10
-
S. McCanne, C. Leres and V. Jacobson.
libpcap, 1994.
ftp://ftp.ee.lbl.gov/libpcap.tar.Z
- 11
-
K. Nichols, S. Blake, F. Baker and D. Black.
Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers.
RFC 2474, Dec. 1998.
- 12
-
V. Paxson.
Bro: A System for Detecting Network Intruders in Real-Time.
Computer Networks, 31(23-24), pp. 2435-2463, 14 Dec 1999.
- 13
-
V. Paxson and M. Handley.
Defending Against NIDS Evasion using Traffic Normalizers.
Presented at Second International Workshop on the Recent Advances in Intrusion Detection, Sept. 1999.
- 14
-
T. H. Ptacek and T. N. Newsham.
Insertion, Evasion and Denial of Service: Eluding Network Intrusion Detection.
Secure Networks, Inc., Jan. 1988.
https://www.aciri.org/vern/Ptacek-Newsham-Evasion-98.ps
- 15
-
K. Ramakrishnan and S. Floyd.
A Proposal to add Explicit Congestion Notification (ECN) to IP.
RFC 2481, Jan. 1999.
- 16
-
S. Sanfilippo.
new tcp scan method.
Bugtraq, Dec. 18, 1998.
- 17
-
M. Smart, G.R. Malan and F. Jahanian.
Defeating TCP/IP Stack Fingerprinting.
Proc. USENIX Security Symposium, Aug. 2000.
- 18
-
M. de Vivo, E. Carrasco, G. Isern and G. de Vivo.
A Review of Port Scanning Techniques.
Computer Communication Review, 29(2), April 1999.
Vern Paxson
2001-05-22