33 Search Results for "Carle, Georg"


Document
The Critical Internet Infrastructure (Dagstuhl Seminar 13322)

Authors: Georg Carle, Jochen Schiller, Steve Uhlig, Walter Willinger, and Matthias Wählisch

Published in: Dagstuhl Reports, Volume 3, Issue 8 (2013)


Abstract
This report documents the program and the outcomes of Dagstuhl Seminar 13322 "The Critical Internet Infrastructure". The scope of the seminar includes three main topics, rethinking perspectives on the Internet backbone, methodologies to analyze the Internet structure, and paradigms overlaying IP connectivity. The results are based on fruitful discussions between people from the research and operational community.

Cite as

Georg Carle, Jochen Schiller, Steve Uhlig, Walter Willinger, and Matthias Wählisch. The Critical Internet Infrastructure (Dagstuhl Seminar 13322). In Dagstuhl Reports, Volume 3, Issue 8, pp. 27-39, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2013)


Copy BibTex To Clipboard

@Article{carle_et_al:DagRep.3.8.27,
  author =	{Carle, Georg and Schiller, Jochen and Uhlig, Steve and Willinger, Walter and W\"{a}hlisch, Matthias},
  title =	{{The Critical Internet Infrastructure (Dagstuhl Seminar 13322)}},
  pages =	{27--39},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2013},
  volume =	{3},
  number =	{8},
  editor =	{Carle, Georg and Schiller, Jochen and Uhlig, Steve and Willinger, Walter and W\"{a}hlisch, Matthias},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagRep.3.8.27},
  URN =		{urn:nbn:de:0030-drops-43416},
  doi =		{10.4230/DagRep.3.8.27},
  annote =	{Keywords: Internet, Backbone, Internet Services, Critical Infrastructure}
}
Document
Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061)

Authors: Georg Carle, Hervé Debar, Falko Dressler, and Hartmut König

Published in: Dagstuhl Reports, Volume 2, Issue 2 (2012)


Abstract
The increasing dependence of human society on information technology (IT) systems requires appropriate measures to cope with their misuse. The growing potential of threats, which make these systems more and more vulnerable, is caused by the complexity of the technologies themselves. The potential of threats in networked systems will further grow as well as the number of individuals who are able to abuse these systems. It becomes increasingly apparent that IT security cannot be achieved by prevention alone. Preventive measures and reactive aspects need to complement one another. A major challenge of modern IT security technologies is to cope with an exploding variability of attacks which stems from a significant commercial motivation behind them. Increasingly proactive measures are required to ward off these threats. Increased efforts in research and society are required to protect critical civil infrastructures, such as the health care system, the traffic system, power supply, trade, military networks, and others in developed countries. This is a consequence of the increasing shift of industrial IT systems to the IP protocol leading to sensible IT infrastructures which are more vulnerable as the proprietary systems used in the past. The abundance of services of modern infrastructures critically depends on information and communication technologies. Though, being key enablers of critical infrastructures, these technologies are, at the same time, reckoned among the most vulnerable elements of the whole system. The cooperative information exchange between institutions is mandatory in order to detect distributed and coordinated attacks. Based on a large-scale acquisition of pertinent information, Early Warning Systems are a currently pursued approach to draw up situation pictures that allows the detection of trends and upcoming threats, allowing furthermore taking appropriate measures. The Dagstuhl seminar brought together researchers from academia and industry. The objective of the seminar was to further discuss challenges and methods in the area of attack detection and defense. The seminar was supposed to focus on design aspects of early warning systems and related monitoring infrastructures, e.g., intrusion detection overlays, to protect computer systems, networks, and critical infrastructures. The seminar was jointly organized by Georg Carle, Hervé Debar, Hartmut König, and Jelena Mirkovic. It was attended by 34 participants from nine countries.

Cite as

Georg Carle, Hervé Debar, Falko Dressler, and Hartmut König. Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061). In Dagstuhl Reports, Volume 2, Issue 2, pp. 1-20, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2012)


Copy BibTex To Clipboard

@Article{carle_et_al:DagRep.2.2.1,
  author =	{Carle, Georg and Debar, Herv\'{e} and Dressler, Falko and K\"{o}nig, Hartmut},
  title =	{{Network Attack Detection and Defense Early Warning Systems - Challenges and Perspectives (Dagstuhl Seminar 12061)}},
  pages =	{1--20},
  journal =	{Dagstuhl Reports},
  ISSN =	{2192-5283},
  year =	{2012},
  volume =	{2},
  number =	{2},
  editor =	{Carle, Georg and Debar, Herv\'{e} and Dressler, Falko and K\"{o}nig, Hartmut},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagRep.2.2.1},
  URN =		{urn:nbn:de:0030-drops-34761},
  doi =		{10.4230/DagRep.2.2.1},
  annote =	{Keywords: early warning systems, critical infrastructure protection, botnets, intrusion detection, malware assessment, vulnerability analysis, network monitoring, flow analysis, denial-of-service detection and response, event correlation, attack response and countermeasures}
}
Document
Improving Markov-based TCP Traffic Classification

Authors: Gerhard Münz, Stephan Heckmüller, Lothar Braun, and Georg Carle

Published in: OASIcs, Volume 17, 17th GI/ITG Conference on Communication in Distributed Systems (KiVS 2011)


Abstract
This paper presents an improved variant of our Markov-based TCP traffic classifier and demonstrates its performance using traffic captured in a university network. Payload length, flow direction, and position of the first data packets of a TCP connection are reflected in the states of the Markov models. In addition, we integrate a new "end of connection" state to further improve the classification accuracy. Using 10-fold cross validation, we identify appropriate settings for the payload length intervals and the number of data packets considered in the models. Finally, we discuss the classification results for the different applications.

Cite as

Gerhard Münz, Stephan Heckmüller, Lothar Braun, and Georg Carle. Improving Markov-based TCP Traffic Classification. In 17th GI/ITG Conference on Communication in Distributed Systems (KiVS 2011). Open Access Series in Informatics (OASIcs), Volume 17, pp. 61-72, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2011)


Copy BibTex To Clipboard

@InProceedings{munz_et_al:OASIcs.KiVS.2011.61,
  author =	{M\"{u}nz, Gerhard and Heckm\"{u}ller, Stephan and Braun, Lothar and Carle, Georg},
  title =	{{Improving Markov-based TCP Traffic Classification}},
  booktitle =	{17th GI/ITG Conference on Communication in Distributed Systems (KiVS 2011)},
  pages =	{61--72},
  series =	{Open Access Series in Informatics (OASIcs)},
  ISBN =	{978-3-939897-27-9},
  ISSN =	{2190-6807},
  year =	{2011},
  volume =	{17},
  editor =	{Luttenberger, Norbert and Peters, Hagen},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/OASIcs.KiVS.2011.61},
  URN =		{urn:nbn:de:0030-drops-29582},
  doi =		{10.4230/OASIcs.KiVS.2011.61},
  annote =	{Keywords: Markov model, TCP Traffic Classification, network}
}
Document
1. 08102 Executive Summary – Perspectives Workshop: Network Attack Detection and Defense

Authors: Georg Carle, Falko Dressler, Richard A. Kemmerer, Hartmut Koenig, and Christopher Kruegel

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
From March 2nd to 6th, 2008, the Dagstuhl Perspective Workshop 08102 Net-work Attack Detection and Defense was held at the International Conference and Research Center (IBFI), Schloss Dagstuhl. The objective of the workshop was to work out a manifesto that identifies past shortcomings and future direc-tions for the field. During the workshop, several participants presented their perspective on the development of the area. Furthermore, ongoing work and on open problems were discussed. Six working groups were formed to discuss the state of the art and the challenges of future research directions. The Executive Summary describes the workshop topics and goals in general, and gives an overview of its course. Abstracts of the presentations given during the work-shop, the outcomes of the working groups, and the manifesto are put together in the online proceedings.

Cite as

Georg Carle, Falko Dressler, Richard A. Kemmerer, Hartmut Koenig, and Christopher Kruegel. 1. 08102 Executive Summary – Perspectives Workshop: Network Attack Detection and Defense. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-6, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{carle_et_al:DagSemProc.08102.1,
  author =	{Carle, Georg and Dressler, Falko and Kemmerer, Richard A. and Koenig, Hartmut and Kruegel, Christopher},
  title =	{{1. 08102 Executive Summary – Perspectives Workshop: Network Attack Detection and Defense}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--6},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.1},
  URN =		{urn:nbn:de:0030-drops-14926},
  doi =		{10.4230/DagSemProc.08102.1},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
2. 08102 Working Group – Early Warning Systems

Authors: Joachim Biskup, Bernhard Hämmerli, Michael Meier, Sebastian Schmerl, Jens Tölle, and Michael Vogel

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
Early Warning Systems aim at detecting unclassified but potentially harmful sys-tem behavior based on preliminary indications and are complementary to Intrusion Detection Systems. Both kinds of systems try to detect, identify and react before pos-sible damage occurs and contribute to an integrated and aggregated situation report (big picture). A particular emphasis of Early Warning Systems is to establish hypotheses and predictions as well as to generate advises in still not completely understood situations. Thus the term early has two meanings, a) to start early in time aiming to minimize damage, and b) to process uncertain and incomplete information.

Cite as

Joachim Biskup, Bernhard Hämmerli, Michael Meier, Sebastian Schmerl, Jens Tölle, and Michael Vogel. 2. 08102 Working Group – Early Warning Systems. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-2, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{biskup_et_al:DagSemProc.08102.2,
  author =	{Biskup, Joachim and H\"{a}mmerli, Bernhard and Meier, Michael and Schmerl, Sebastian and T\"{o}lle, Jens and Vogel, Michael},
  title =	{{2. 08102 Working Group – Early Warning Systems}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--2},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.2},
  URN =		{urn:nbn:de:0030-drops-14936},
  doi =		{10.4230/DagSemProc.08102.2},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
3. 08102 Outcome Working Group – Situational Awareness

Authors: Richard A. Kemmerer, Roland Bueschkes, Ali Fessi, Hartmut Koenig, Peter Herrmann, Stephen Wolthusen, Marko Jahnke, Hervé Debar, Ralph Holz, Tanja Zseby, and Dirk Haage

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
Situation awareness (SA) has been defined as "the perception of elements in the environment within a volume of time and space, the comprehension of their meaning, and the projection of their status in the near future" (Endsley, 1988, 1995b, 2000).

Cite as

Richard A. Kemmerer, Roland Bueschkes, Ali Fessi, Hartmut Koenig, Peter Herrmann, Stephen Wolthusen, Marko Jahnke, Hervé Debar, Ralph Holz, Tanja Zseby, and Dirk Haage. 3. 08102 Outcome Working Group – Situational Awareness. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-3, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{kemmerer_et_al:DagSemProc.08102.3,
  author =	{Kemmerer, Richard A. and Bueschkes, Roland and Fessi, Ali and Koenig, Hartmut and Herrmann, Peter and Wolthusen, Stephen and Jahnke, Marko and Debar, Herv\'{e} and Holz, Ralph and Zseby, Tanja and Haage, Dirk},
  title =	{{3. 08102 Outcome Working Group – Situational Awareness}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--3},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.3},
  URN =		{urn:nbn:de:0030-drops-14942},
  doi =		{10.4230/DagSemProc.08102.3},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
4. 8102 Working Group – Attack Taxonomy

Authors: Marc Daciér, Hervé Debar, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Konrad Rieck, and James Sterbenz

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
The starting point of this working group was the question about the kinds of attacks that can be detected by inspecting in network traffic. In general, we identified four major problems that network-based intrusion detection systems are facing: 1. Encrypted network traffic 2. Application-level attacks 3. Performance 4. Evasion attack.

Cite as

Marc Daciér, Hervé Debar, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Konrad Rieck, and James Sterbenz. 4. 8102 Working Group – Attack Taxonomy. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-4, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{dacier_et_al:DagSemProc.08102.4,
  author =	{Daci\'{e}r, Marc and Debar, Herv\'{e} and Holz, Thorsten and Kirda, Engin and Kohlrausch, Jan and Kruegel, Christopher and Rieck, Konrad and Sterbenz, James},
  title =	{{4. 8102 Working Group – Attack Taxonomy}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--4},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.4},
  URN =		{urn:nbn:de:0030-drops-14955},
  doi =		{10.4230/DagSemProc.08102.4},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
5. 08102 Working Group – Measurement Requirements

Authors: Lothar Braun, Thorsten Braun, Georg Carle, Falko Dressler, Anja Feldmann, Dirk Haage, Tobias Limmer, and Tanja Zseby

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
The objective of this working group was to derive measurement requirements and challenges that originate from intrusion detection.

Cite as

Lothar Braun, Thorsten Braun, Georg Carle, Falko Dressler, Anja Feldmann, Dirk Haage, Tobias Limmer, and Tanja Zseby. 5. 08102 Working Group – Measurement Requirements. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-4, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{braun_et_al:DagSemProc.08102.5,
  author =	{Braun, Lothar and Braun, Thorsten and Carle, Georg and Dressler, Falko and Feldmann, Anja and Haage, Dirk and Limmer, Tobias and Zseby, Tanja},
  title =	{{5. 08102 Working Group – Measurement Requirements}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--4},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.5},
  URN =		{urn:nbn:de:0030-drops-14962},
  doi =		{10.4230/DagSemProc.08102.5},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
6. 08102 Working Group – Requirements for Network Monitoring from an IDS Perspective

Authors: Lothar Braun, Falko Dressler, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Tobias Limmer, Konrad Rieck, and James Sterbenz

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
Detection of malicious traffic is based on its input data, the information that is co-ming from network-based monitoring systems. Best detection rates would only be possible by monitoring all data transferred over all network lines in a distributed net-work. Monitoring and reporting this amount of data are feasible in neither today's, nor will be in future's systems. Later analysis like stateful inspection of the traffic imposes even more processing costs. But only at this level of monitoring and analysis there may be a chance to capture all attacks inside a system. So there needs to be a trade-off between detection success and the processing costs.

Cite as

Lothar Braun, Falko Dressler, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Tobias Limmer, Konrad Rieck, and James Sterbenz. 6. 08102 Working Group – Requirements for Network Monitoring from an IDS Perspective. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-4, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{braun_et_al:DagSemProc.08102.6,
  author =	{Braun, Lothar and Dressler, Falko and Holz, Thorsten and Kirda, Engin and Kohlrausch, Jan and Kruegel, Christopher and Limmer, Tobias and Rieck, Konrad and Sterbenz, James},
  title =	{{6. 08102 Working Group – Requirements for Network Monitoring from an IDS Perspective}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--4},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.6},
  URN =		{urn:nbn:de:0030-drops-14970},
  doi =		{10.4230/DagSemProc.08102.6},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
7. 08102 Working Group – Intrusion and Fraud Detection for Web Services

Authors: Marc Daciér, Ulrich Flegel, Ralph Holz, and Norbert Luttenberger

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
Web services (WS) technology bears the promise to finally bring the power of SOA middleware to the road on a large scale and across organizational domains. Big players such as Google, Amazon, SAP, and IBM have already adopted the technol-ogy. European funding agencies are strongly believing and heavily investing into WS-related technological developments and application scenarios. We expect a growing adoption and widespread use of Web services for different application areas, among them e.g. value added service composition, Web 2.0-enhanced communication sys-tems (e.g. based on Ajax), and focused service offerings from specialized small or medium sized enterprises (SMEs).

Cite as

Marc Daciér, Ulrich Flegel, Ralph Holz, and Norbert Luttenberger. 7. 08102 Working Group – Intrusion and Fraud Detection for Web Services. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-3, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{dacier_et_al:DagSemProc.08102.7,
  author =	{Daci\'{e}r, Marc and Flegel, Ulrich and Holz, Ralph and Luttenberger, Norbert},
  title =	{{7. 08102 Working Group – Intrusion and Fraud Detection for Web Services}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--3},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.7},
  URN =		{urn:nbn:de:0030-drops-14982},
  doi =		{10.4230/DagSemProc.08102.7},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
8. 08102 Manifesto – Perspectives Workshop: Network Attack Detection and Defense

Authors: Georg Carle, Falko Dressler, Richard A. Kemmerer, Hartmut Koenig, Christopher Kruegel, and Pavel Laskov

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
This manifesto is the result of the Perspective Workshop Network Attack Detection and Defense held in Schloss Dagstuhl (Germany) from March 2nd – 6th, 2008. The participants of the workshop represent researchers from Austria, France, Norway, the Switzerland, the United States, and Germany who work actively in the field of intrusion detection and network monitoring. The workshop attendee’s opinion was that intrusion detection and flow analysis, which have been developed as complementary approaches for the detection of network attacks, should more strongly combine event detection and correlation techniques to better meet future challenges in future reactive security. The workshop participants considered various perspectives to envision future network attack detection and defense. The following topics are seen as important in the future: the development of early warning systems, the introduction of situation awareness, the improvement of measurement technology, taxonomy of attacks, the application of intrusion and fraud detection for web services, and anomaly detection. In order to realize those visions the state of the art, the challenges, and research priorities were identified for each topic by working groups. The outcome of the discussion is summarized in working group papers which are published in the workshop proceedings. The papers were compiled by the editors to this manifesto.

Cite as

Georg Carle, Falko Dressler, Richard A. Kemmerer, Hartmut Koenig, Christopher Kruegel, and Pavel Laskov. 8. 08102 Manifesto – Perspectives Workshop: Network Attack Detection and Defense. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-16, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{carle_et_al:DagSemProc.08102.8,
  author =	{Carle, Georg and Dressler, Falko and Kemmerer, Richard A. and Koenig, Hartmut and Kruegel, Christopher and Laskov, Pavel},
  title =	{{8. 08102 Manifesto – Perspectives Workshop: Network Attack Detection and Defense}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--16},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.8},
  URN =		{urn:nbn:de:0030-drops-14917},
  doi =		{10.4230/DagSemProc.08102.8},
  annote =	{Keywords: Manifesto of the Dagstuhl Perspective Workshop, March 2nd - 6th, 2008}
}
Document
04411 Abtracts Collection – Service Management and Self-Organization in IP-based Networks

Authors: Matthias Bossardt, Georg Carle, David Hutchison, Hermann de Meer, and Bernhard Plattner

Published in: Dagstuhl Seminar Proceedings, Volume 4411, Service Management and Self-Organization in IP-based Networks (2005)


Abstract
From 03.10.04 to 06.10.04, the Dagstuhl Seminar 04411 ``Service Management and Self-Organization in IP-based Networks'' was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available.

Cite as

Matthias Bossardt, Georg Carle, David Hutchison, Hermann de Meer, and Bernhard Plattner. 04411 Abtracts Collection – Service Management and Self-Organization in IP-based Networks. In Service Management and Self-Organization in IP-based Networks. Dagstuhl Seminar Proceedings, Volume 4411, pp. 1-18, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{bossardt_et_al:DagSemProc.04411.1,
  author =	{Bossardt, Matthias and Carle, Georg and Hutchison, David and Meer, Hermann de and Plattner, Bernhard},
  title =	{{04411 Abtracts Collection – Service Management and Self-Organization in IP-based Networks}},
  booktitle =	{Service Management and Self-Organization in IP-based Networks},
  pages =	{1--18},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{4411},
  editor =	{Matthias Bossardt and Georg Carle and D. Hutchison and Hermann de Meer and Bernhard Plattner},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.04411.1},
  URN =		{urn:nbn:de:0030-drops-1141},
  doi =		{10.4230/DagSemProc.04411.1},
  annote =	{Keywords: Service management , network service , self-organization , network management , programmable network , active network , peer-to-peer network ad-hoc network}
}
Document
Some lessons from an experience with active video flow regulation

Authors: Ken Chen and Rim Hammi

Published in: Dagstuhl Seminar Proceedings, Volume 4411, Service Management and Self-Organization in IP-based Networks (2005)


Abstract
People are paying more and more attention to network infrastructures which are capable of dynamic code deployment and reconfiguration, in order to deal with the increase of network complexity both on scale and on heterogeneity. The concept of "active network" has been one of the pioneer ideas. As a starting point, we present an experience we got through the design and implementation of an active network technology based mechanism for video flow regulation. This mechanism makes use of several typical active networking features to perform real-time video flows analysis and provide consequently responsive feedback control to video codec. The main goal here is to adapt quickly the video stream bitrate to the current available bandwidth. From the end-user's view point, the effect of adaptation is to spread the bitrate reduction (relatively) uniformly to all the stream, avoiding in this way abrupt image deterioration (mosaics) due to packet loss. Tests show visible improvements obtained by our mechanism vs the classical RTCP-based control scheme. This work has been jointly done with Rim Hammi. We then discuss some extensions of our mechanism, which is in fact a generic network observer and decision maker. A more fundamental issue that we identified from this experience is related to the setting of the criteria for code acceptation. This is in fact a rather generic problem, and one can address it in various way. For instance, one can decide to accept a code based on some authentication rule. We are particularly interested by the issue of resources consummation. Indeed, as an example, the network observer module we designed can be configured to get a more or less fine time granularity, and consequently consume more or less CPU. So, one question is how to prevent abusive (either erroneous or malicious) resource consummation. There is few tentative which try to deal with the resource requirement (bandwidth, CPU, memory, etc.) of a code. The problem is rather complex and hard. It should at least include the monitoring of resource consummation. It requires also a kind of virtual resource model for coding purpose. This issue is, in our opinion, very important. Indeed, we do need a control framework to guarantee not only the correct functionality but also the adequate resource consummation of various codes, in order to be able to deal with future's flexible and/or autonomic networks in a secure and trustable way. Our current research effort on this issue is carried on within the french RNRT/Amarillo project.

Cite as

Ken Chen and Rim Hammi. Some lessons from an experience with active video flow regulation. In Service Management and Self-Organization in IP-based Networks. Dagstuhl Seminar Proceedings, Volume 4411, p. 1, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{chen_et_al:DagSemProc.04411.21,
  author =	{Chen, Ken and Hammi, Rim},
  title =	{{Some lessons from an experience with active video flow regulation}},
  booktitle =	{Service Management and Self-Organization in IP-based Networks},
  pages =	{1--1},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{4411},
  editor =	{Matthias Bossardt and Georg Carle and D. Hutchison and Hermann de Meer and Bernhard Plattner},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.04411.21},
  URN =		{urn:nbn:de:0030-drops-859},
  doi =		{10.4230/DagSemProc.04411.21},
  annote =	{Keywords: active network , video streaming , resource control , responsive control}
}
Document
04411 Preface – Service Management and Self-Organization in IP-based Networks

Authors: Matthias Bossardt, Georg Carle, David Hutchison, Hermann de Meer, and Bernhard Plattner

Published in: Dagstuhl Seminar Proceedings, Volume 4411, Service Management and Self-Organization in IP-based Networks (2005)


Abstract
Preface to the online proceedings of Dagstuhl Seminar 04411

Cite as

Matthias Bossardt, Georg Carle, David Hutchison, Hermann de Meer, and Bernhard Plattner. 04411 Preface – Service Management and Self-Organization in IP-based Networks. In Service Management and Self-Organization in IP-based Networks. Dagstuhl Seminar Proceedings, Volume 4411, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{bossardt_et_al:DagSemProc.04411.2,
  author =	{Bossardt, Matthias and Carle, Georg and Hutchison, David and Meer, Hermann de and Plattner, Bernhard},
  title =	{{04411 Preface – Service Management and Self-Organization in IP-based Networks}},
  booktitle =	{Service Management and Self-Organization in IP-based Networks},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{4411},
  editor =	{Matthias Bossardt and Georg Carle and D. Hutchison and Hermann de Meer and Bernhard Plattner},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.04411.2},
  URN =		{urn:nbn:de:0030-drops-827},
  doi =		{10.4230/DagSemProc.04411.2},
  annote =	{Keywords: Service management , self-organization , network management}
}
Document
A dynamically adaptive, unstructured multicast overlay

Authors: Matei Ripeanu, Ian Foster, Adriana Iamnitchi, and Anne Rogers

Published in: Dagstuhl Seminar Proceedings, Volume 4411, Service Management and Self-Organization in IP-based Networks (2005)


Abstract
The simplicity of multicast as a communication primitive belies its broad utility as a building block for distributed applications. Nevertheless, creating and maintaining multicast structures can be challenging, particularly when networks are transient and/or dynamic. We introduce a new unstructured multi-source multicast (UMM) overlay approach that we argue is less complex than, but as efficient as, current state-of-the-art solutions based either on structured overlays or on running full routing protocols at the overlay level. UMM builds a base overlay independently from the routing mechanisms employed to route messages. On top of this base overlay, it selects distribution trees for each multicast source by first flooding the base overlay and then using the implicit information contained in duplicated messages to select and filter out redundant tunnels. Simple heuristics are used to maintain and evolve both the base overlay and the multicast distribution trees in response to changes in the set of overlay participants or in underlying network conditions. We experiment on a 65-node PlanetLab deployment and on ModelNet emulated distributed platforms to quantify the overheads associated with UMM operation and to explore its performance and adaptability to changes in the underlying network conditions.

Cite as

Matei Ripeanu, Ian Foster, Adriana Iamnitchi, and Anne Rogers. A dynamically adaptive, unstructured multicast overlay. In Service Management and Self-Organization in IP-based Networks. Dagstuhl Seminar Proceedings, Volume 4411, p. 1, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{ripeanu_et_al:DagSemProc.04411.3,
  author =	{Ripeanu, Matei and Foster, Ian and Iamnitchi, Adriana and Rogers, Anne},
  title =	{{A dynamically adaptive, unstructured multicast overlay}},
  booktitle =	{Service Management and Self-Organization in IP-based Networks},
  pages =	{1--1},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{4411},
  editor =	{Matthias Bossardt and Georg Carle and D. Hutchison and Hermann de Meer and Bernhard Plattner},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.04411.3},
  URN =		{urn:nbn:de:0030-drops-938},
  doi =		{10.4230/DagSemProc.04411.3},
  annote =	{Keywords: multicast overlay , self-organization}
}
  • Refine by Author
  • 8 Carle, Georg
  • 6 Dressler, Falko
  • 4 Kruegel, Christopher
  • 4 Meer, Hermann de
  • 4 Plattner, Bernhard
  • Show More...

  • Refine by Classification

  • Refine by Keyword
  • 8 attack response and countermeasures
  • 8 event correlation
  • 8 flow analysis
  • 7 Intrusion detection and prevention
  • 7 automated security
  • Show More...

  • Refine by Type
  • 33 document

  • Refine by Publication Year
  • 22 2005
  • 8 2008
  • 1 2011
  • 1 2012
  • 1 2013

Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail