Publications
(2008).
Policy-Controlled Event Management for Distributed Intrusion Detection.
Proceedings of the Fourth International Workshop on Distributed Event-Based Systems (DEBS) (ICDCSW'05). 4, 385-391.
(2005).
(2010).
Operational Experiences with High-Volume Network Intrusion Detection.
Proceedings of the 11th ACM Conference on Computer Communications Security (CCS 2004). 11, 2.
(2004).
(2013).
The NIDS Cluster: Scalable, Stateful Network Intrusion Detection on Commodity Hardware.
Proceedings of the International Symposium on Recent Advances in Intrusion Detection (RAID 2007).
(2007).
(2012).
(2014).
(2013).
Exploring Tor's Activity Through Long-term Passive TLS Traffic Measurement.
Proceedings of Passive and Active Measurement Conference (PAM).
(2016).
(2013).
Exploiting Independent State For Network Intrusion Detection.
Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005). 59-71.
(2005).
(2008).
Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context.
Proceedings of Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2005). 206-221.
(2005).
Enhancing Byte-Level Network Intrusion Detection Signatures with Context.
Proceedings of ACM CCS.
(2003).
Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection.
Proceedings of the 15th USENIX Security Symposium (Security '06).
(2006).
(2009).
(2010).
(2014).
Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic.
Proceedings of the Fifth ACM Conference on Internet Measurement (IMC 2005). 267-272.
(2005).
binpac: A yacc for Writing Application Protocol Parsers.
Proceedings of the Internet Measurement Conference 2006 (IMC 2006). 289-300.
(2006).
(2014).
(2011).
(2007).
(2015).