3 Search Results for "Sterbenz, James"


Document
4. 8102 Working Group – Attack Taxonomy

Authors: Marc Daciér, Hervé Debar, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Konrad Rieck, and James Sterbenz

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
The starting point of this working group was the question about the kinds of attacks that can be detected by inspecting in network traffic. In general, we identified four major problems that network-based intrusion detection systems are facing: 1. Encrypted network traffic 2. Application-level attacks 3. Performance 4. Evasion attack.

Cite as

Marc Daciér, Hervé Debar, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Konrad Rieck, and James Sterbenz. 4. 8102 Working Group – Attack Taxonomy. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-4, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{dacier_et_al:DagSemProc.08102.4,
  author =	{Daci\'{e}r, Marc and Debar, Herv\'{e} and Holz, Thorsten and Kirda, Engin and Kohlrausch, Jan and Kruegel, Christopher and Rieck, Konrad and Sterbenz, James},
  title =	{{4. 8102 Working Group – Attack Taxonomy}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--4},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.4},
  URN =		{urn:nbn:de:0030-drops-14955},
  doi =		{10.4230/DagSemProc.08102.4},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
6. 08102 Working Group – Requirements for Network Monitoring from an IDS Perspective

Authors: Lothar Braun, Falko Dressler, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Tobias Limmer, Konrad Rieck, and James Sterbenz

Published in: Dagstuhl Seminar Proceedings, Volume 8102, Perspectives Workshop: Network Attack Detection and Defense (2008)


Abstract
Detection of malicious traffic is based on its input data, the information that is co-ming from network-based monitoring systems. Best detection rates would only be possible by monitoring all data transferred over all network lines in a distributed net-work. Monitoring and reporting this amount of data are feasible in neither today's, nor will be in future's systems. Later analysis like stateful inspection of the traffic imposes even more processing costs. But only at this level of monitoring and analysis there may be a chance to capture all attacks inside a system. So there needs to be a trade-off between detection success and the processing costs.

Cite as

Lothar Braun, Falko Dressler, Thorsten Holz, Engin Kirda, Jan Kohlrausch, Christopher Kruegel, Tobias Limmer, Konrad Rieck, and James Sterbenz. 6. 08102 Working Group – Requirements for Network Monitoring from an IDS Perspective. In Perspectives Workshop: Network Attack Detection and Defense. Dagstuhl Seminar Proceedings, Volume 8102, pp. 1-4, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2008)


Copy BibTex To Clipboard

@InProceedings{braun_et_al:DagSemProc.08102.6,
  author =	{Braun, Lothar and Dressler, Falko and Holz, Thorsten and Kirda, Engin and Kohlrausch, Jan and Kruegel, Christopher and Limmer, Tobias and Rieck, Konrad and Sterbenz, James},
  title =	{{6. 08102 Working Group – Requirements for Network Monitoring from an IDS Perspective}},
  booktitle =	{Perspectives Workshop: Network Attack Detection and Defense},
  pages =	{1--4},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2008},
  volume =	{8102},
  editor =	{Georg Carle and Falko Dressler and Richard A. Kemmerer and Hartmut K\"{o}nig and Christopher Kruegel},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.08102.6},
  URN =		{urn:nbn:de:0030-drops-14970},
  doi =		{10.4230/DagSemProc.08102.6},
  annote =	{Keywords: Intrusion detection and prevention, attack response and countermeasures, reactive security, automated security, survivability and self-protection, ma network monitoring, flow analysis, denial of service detection and response, event correlation}
}
Document
Peer-to-Peer vs. the Internet: A Discussion on the Proper and Practical Location of Functionality

Authors: James P.G. Sterbenz

Published in: Dagstuhl Seminar Proceedings, Volume 4411, Service Management and Self-Organization in IP-based Networks (2005)


Abstract
Peer-to-peer information sharing has become one of the dominant Internet applications, measured not only in the number of users, but also in the network bandwidth consumed. Thus, it is reasonable to examine the location of support functionality such as self-organisation, resource discovery, multipoint-to-multipoint group communication, forwarding, and routing, to provide the needed service to applications while optimising resource usage in the network. This position paper is intended to stimulate discussion in two related areas: First, where {\em should} functionality to support peer-to-peer applications be located: in the network, or as an application overlay among end systems. Second, where {\em can} functionality be located, given the practical constraints of the modern Internet including closed systems and middleboxes, as well as administrative, legal, and social issues. We will discuss the performance implications of these decisions, including whether low latency bounds for delay sensitive peer-to-peer applications (such as distributed network computing) can ever be achieved in this environment.

Cite as

James P.G. Sterbenz. Peer-to-Peer vs. the Internet: A Discussion on the Proper and Practical Location of Functionality. In Service Management and Self-Organization in IP-based Networks. Dagstuhl Seminar Proceedings, Volume 4411, pp. 1-10, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2005)


Copy BibTex To Clipboard

@InProceedings{sterbenz:DagSemProc.04411.14,
  author =	{Sterbenz, James P.G.},
  title =	{{Peer-to-Peer vs. the Internet: A Discussion on the Proper and Practical Location of Functionality}},
  booktitle =	{Service Management and Self-Organization in IP-based Networks},
  pages =	{1--10},
  series =	{Dagstuhl Seminar Proceedings (DagSemProc)},
  ISSN =	{1862-4405},
  year =	{2005},
  volume =	{4411},
  editor =	{Matthias Bossardt and Georg Carle and D. Hutchison and Hermann de Meer and Bernhard Plattner},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops-dev.dagstuhl.de/entities/document/10.4230/DagSemProc.04411.14},
  URN =		{urn:nbn:de:0030-drops-1156},
  doi =		{10.4230/DagSemProc.04411.14},
  annote =	{Keywords: network architecture , peer-to-peer , client/server , nd-to-end arguments , protocol layering , policy , ussle}
}
  • Refine by Author
  • 2 Holz, Thorsten
  • 2 Kirda, Engin
  • 2 Kohlrausch, Jan
  • 2 Kruegel, Christopher
  • 2 Rieck, Konrad
  • Show More...

  • Refine by Classification

  • Refine by Keyword
  • 2 Intrusion detection and prevention
  • 2 attack response and countermeasures
  • 2 automated security
  • 2 denial of service detection and response
  • 2 event correlation
  • Show More...

  • Refine by Type
  • 3 document

  • Refine by Publication Year
  • 2 2008
  • 1 2005

Questions / Remarks / Feedback
X

Feedback for Dagstuhl Publishing


Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail