Publications
Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics (HTML).
Proceedings of USENIX Security Symposium 2001.
(2001).
(2000).
Detecting Backdoors.
Proceedings of the Ninth USENIX Security Symposium.
(2000). Detecting Stepping Stones.
Proceedings of the Ninth USENIX Security Symposium.
(2000). Experiences with NIMI.
Proceedings of the Passive & Active Measurement (PAM 2000).
(2000). Experiences with NIMI.
Proceedings of Passive & Active Measurement.
(2000).
(2000).
(2000).
(2000).
(2000).
(2000). An Architecture for a Global Internet Host Distance Estimation Service.
Proceedings of IEEE INFOCOM.
(1999).
(1999). End-to-End Internet Packet Dynamics.
IEEE/ACM Transactions on Networking. 7(3), 277-292.
(1999). On Estimating End-to-End Network Path Properties.
ACM SIGCOMM.
(1999).
(1999).
(1999).
(1999). An Architecture for Large-Scale Internet Measurement.
IEEE Communications. 36(8), 48-54.
(1998). Bro: A System for Detecting Network Intruders in Real-Time.
Proceedings of the 7th USENIX Security Symposium.
(1998). On Calibrating Measurements of Packet Transit Times.
Proceedings of the International Conference on Measurement and Modeling of Computer Systems (SIGMETRICS '98). 11-21.
(1998). Creating a Scalable Architecture for Internet Measurement.
Proceedings of the Internet Summit (INET '98).
(1998).
(1998).
(1998).
(1998).