TY - GEN
T1 - Nabs
T2 - 20th Annual Computer Security Applications Conference, ACSAC 2004
AU - Shanmugasundaram, Kulesh
AU - Kharrazi, Mehdi
AU - Memon, Nasir
PY - 2004
Y1 - 2004
N2 - One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and wide use of tunnels makes it difficult to detect such abuses and easy to circumvent security policies. This paper presents the design and implementation of a system, called Nabs, that characterizes content types of network flows based solely on the payload which can then be used to identify abuses of computing resources. The proposed method does not depend on packet headers or other simple packet characteristics hence is more robust to circumvention.
AB - One of the growing problems faced by network administrators is the abuse of computing resources by authorized and unauthorized personnel. The nature of abuse may vary from using unauthorized applications to serving unauthorized content. Proliferation of peer-to-peer networks and wide use of tunnels makes it difficult to detect such abuses and easy to circumvent security policies. This paper presents the design and implementation of a system, called Nabs, that characterizes content types of network flows based solely on the payload which can then be used to identify abuses of computing resources. The proposed method does not depend on packet headers or other simple packet characteristics hence is more robust to circumvention.
UR - http://www.scopus.com/inward/record.url?scp=21644479389&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=21644479389&partnerID=8YFLogxK
U2 - 10.1109/CSAC.2004.24
DO - 10.1109/CSAC.2004.24
M3 - Conference contribution
AN - SCOPUS:21644479389
SN - 0769522521
T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC
SP - 316
EP - 325
BT - Proceedings - 20th Annual Computer Security Applications Conference, ACSAC 2004
Y2 - 6 December 2004 through 10 December 2004
ER -