Publications
(2010).
(2010).
(2010).
(2010).
(2010).
An Architecture for Exploiting Multi-Core Processors to Parallelize Network Intrusion Prevention.
Concurrency and Computation: Practice and Experience. 21(10), 1255-1279.
(2009).
(2009).
(2009).
(2008).
(2008).
(2008).
An Architecture for Exploiting Multi-Core Processors to Parallelize Network Intrusion Prevention.
1-7.
(2007). The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware.
Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2007).
(2007). The Strengths of Weaker Identities: Opportunistic Personas.
Proceedings of USENIX Workshop on Hot Topics in Security (HotSec 07).
(2007). Stress Testing Cluster Bro.
Proceedings of USENiX DETER Community Workshop on Cyber Security Experimentation and Test (DETER 2007).
(2007). binpac: A yacc for Writing Application Protocol Parsers.
Proceedings of the Internet Measurement Conference 2006 (IMC 2006). 289-300.
(2006). Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection.
Proceedings of the 15th USENIX Security Symposium (Security '06).
(2006). Rethinking Hardware Support for Network Analysis and Intrusion Prevention.
Proceedings of the First USENIX Workshop on Hot Topics in Security (HotSec '06).
(2006). Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic.
Proceedings of the Fifth ACM Conference on Internet Measurement (IMC 2005). 267-272.
(2005). Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context.
Proceedings of Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2005). 206-221.
(2005). Exploiting Independent State For Network Intrusion Detection.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005). 59-71.
(2005). Policy-Controlled Event Management for Distributed Intrusion Detection.
Proceedings of the Fourth International Workshop on Distributed Event-Based Systems (DEBS) (ICDCSW'05). 4, 385-391.
(2005).
(2004).
Operational Experiences with High-Volume Network Intrusion Detection.
Proceedings of the 11th ACM Conference on Computer Communications Security (CCS 2004). 11, 2.
(2004). Enhancing Byte-Level Network Intrusion Detection Signatures with Context.
Proceedings of ACM CCS.
(2003).