Research on Intrusion and Anomaly Detection
Related Publications
- [1] eAudit: A Fast, Scalable and Deployable Audit Data Collection System
- R. Sekar, Hanke Kimm and Rohit Aich
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2024. (Software release).
- [2] A New Tag-Based Approach for Real-Time Detection of Advanced Cyber Attacks
- Md Nahid Hossain
PhD Dissertation (Stony Brook University) January, 2022.
- [3] Efficient Audit Data Collection for Linux
- Rohit Aich
Master's Thesis (Stony Brook University) August, 2021.
- [4] On the Effectiveness of Cyber-Attack Campaign Investigation with Reduced Audit Logs
- Maggie Zhou
Undergraduate (Honors) Thesis (Stony Brook University) January, 2021.
- [5] Combating Dependence Explosion in Forensic Analysis Using Alternative Tag Propagation Semantics
- Md Nahid Hossain, Sanaz Sheikhi and R. Sekar
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2020. (A 2-minute demo and the conference presentation are also available.).
- [6] HOLMES: Real-time APT Detection through Correlation of Suspicious Information Flows
- Sadegh Milajerdi, Rigel Gjomemo, Birhanu Eshete, R. Sekar and V.N. Venkatakrishnan
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2019.
- [7] Dependence-Preserving Data Compaction for Scalable Forensic Analysis
- Md Nahid Hossain, Junao Wang, R. Sekar and Scott D. Stoller
USENIX Security Symposium (USENIX Security) August, 2018. (Talk).
- [8] Hardening OpenStack Cloud Platforms against Compute Node Compromises
- Wai-Kit Sze, Abhinav Srivastava and R. Sekar
ACM Symposium on Information, Computer and Communications Security (ASIACCS) May, 2016.
- [9] Condition Factorization: A Technique for Building Fast and Compact Packet Matching Automata
- Alok Tongaonkar and R. Sekar
IEEE Transactions on Information Forensics and Security (IEEE TIFS) March, 2016.
- [10] Squeezing the Dynamic Loader For Fun And Profit
- Mingwei Zhang and R. Sekar
Technical Report (TR) December, 2015.
- [11] Taint-Enhanced Anomaly Detection
- Lorenzo Cavallaro and R. Sekar
International Conference on Information Systems Security (ICISS) December, 2011.
- [12] Efficient Techniques for Fast Packet Classification
- Alok Tongaonkar
PhD Dissertation (Stony Brook University) August, 2009.
- [13] Fast Packet Classification using Condition Factorization
- Alok Tongaonkar, R. Sekar and Sreenaath Vasudevan
Applied Cryptography and Network Security (ACNS) June, 2009.
- [14] Fast Packet Classification for Snort
- Alok Tongaonkar, Sreenaath Vasudevan and R. Sekar
USENIX Large Installation System Administration Conference (LISA) November, 2008.
- [15] Anomalous Taint Detection (Extended Abstract)
- Lorenzo Cavallaro and R. Sekar
Recent Advances in Intrusion Detection (RAID) September, 2008. (Full version available as Technical Report SECLAB08-06).
- [16] A Practical Mimicry Attack Against Powerful System-Call Monitors
- Chetan Parampalli, R. Sekar and Rob Johnson
ACM Symposium on Information, Computer and Communications Security (ASIACCS) March, 2008. (Supercedes Technical Report SECLAB07-01).
- [17] Comprehensive Memory Error Protection via Diversity and Taint-Tracking
- Lorenzo Cavallaro
PhD Dissertation (Stony Brook University) February, 2008.
- [18] Dataflow Anomaly Detection
- Sandeep Bhatkar, Abhishek Chaturvedi and R. Sekar
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2006. (Supercedes Technical Report SECLAB-05-03 Improving Attack Detection in Host-Based IDS by Learning Properties of System Call Arguments, July 2005.).
- [19] Using Predators to Combat Worms and Viruses: A Simulation-Based Study
- Ajay Gupta and Daniel DuVarney
Annual Computer Security Applications Conference (ACSAC) December, 2004.
- [20] An Approach for Detecting Self-Propagating Email Using Anomaly Detection
- Ajay Gupta and R. Sekar
Recent Advances in Intrusion Detection (RAID) September, 2003.
- [21] Specification-based anomaly detection: a new approach for detecting network intrusions
- R. Sekar, Ajay Gupta, James Frullo, Tushar Shanbhag, Abhishek Tiwari, Henglin Yang and Sheng Zhou
ACM Conference on Computer and Communications Security (CCS) October, 2002.
- [22] Model-Based Analysis of Configuration Vulnerabilities
- C.R. Ramakrishnan and R. Sekar
Journal of Computer Security (JCS) January, 2002.
- [23] Experiences with Specification Based Intrusion Detection System
- Prem Uppuluri and R. Sekar
Recent Advances in Intrusion Detection (RAID) October, 2001.
- [24] A Fast Automaton-Based~Method for Detecting Anomalous Program Behaviors
- R. Sekar, Mugdha Bendre, Pradeep Bollineni and Dinakar Dhurjati
IEEE Symposium on Security and Privacy (IEEE S&P) May, 2001.
- [25] Model-Based Analysis of Configuration Vulnerabilities
- C.R. Ramakrishnan and R. Sekar
ACM CCS Workshop on Intrusion Detection Systems (WIDS) October, 2000.
- [26] Building Survivable Systems: An Integrated Approach based on Intrusion Detection and Damage Containment
- Thomas Bowen, Dana Chee, Mark Segal, R. Sekar, Tushar Shanbhag and Prem Uppuluri
DISCEX (DISCEX) February, 2000.
- [27] User-Level Infrastructure for System Call Interposition: A Platform for Intrusion Detection and Confinement
- Kapil Jain and R. Sekar
ISOC Network and Distributed Systems Symposium (NDSS) February, 2000.
- [28] A High-Performance Network Intrusion Detection System
- R. Sekar, Guang Yang, Shobhit Verma and Tushar Shanbhag
ACM Conference on Computer and Communications Security (CCS) November, 1999.
- [29] Synthesizing Fast Intrusion Detection/Prevention Systems from High-Level Specifications
- R. Sekar and Prem Uppuluri
USENIX Security Symposium (USENIX Security) August, 1999.
- [30] On Preventing Intrusions by Process Behavior Monitoring
- R. Sekar, Thomas Bowen and Mark Segal
USENIX Intrusion Detection Workshop () April, 1999.
- [31] A Specification-Based Approach for Building Survivable Systems
- R. Sekar, Yong Cai and Mark Segal
National Information Systems Security Conference (NISSC) October, 1998.
- [32] Model-Based Vulnerability Analysis of Computer Systems
- C.R. Ramakrishnan and R. Sekar
Verification, Model Checking, and Abstract Interpretation (VMCAI) September, 1998.
|
|