Featuring 3 Papers as of January 9, 2017
Network Inspection of Duplicate Packets - STI Graduate Student Research
by Randy Devlin - November 11, 2016
Network Intrusion Analysis enables a security analyst to review network traffic for protocol conformity and anomalous behavior. The analyst’s goal is to detect network intrusion activity in near-real time. The detection provides details as to who the attackers are, the attack type, and potential remediation responses. Is it possible that a network security stack could render the analyst “blind” to detecting intrusions? This paper will review architecture, traffic flow, and inspection processes. Architecture review validates proper sensor placement for inspection. Traffic flow analyzes sources and destinations, approved applications, and known traffic patterns. Inspection process evaluates protocols and packet-specific details. The combination of these activities can reveal scenarios that potentially result in limitations of network security inspection and analysis.
Intrusion Detection and Prevention Systems Cheat Sheet: Choosing the Best Solution, Common Misconfigurations, Evasion Techniques, and Recommendations - STI Graduate Student Research
by Phillip Bosco - January 25, 2016
There are many decisions a company must make while choosing an Intrusion Detection System (IDS) or Intrusion Prevention System (IPS) for their infrastructure. Pricing questions will arise to determine if it will fit into their budget.
Network Security: Theory Versus Practice - Analyst Paper
by James Tarala - May 6, 2011
- Sponsored By: BreakingPoint
Survey makes it clear that network security personnel are not consistent about validating the resiliency – performance, security, and stability – of the devices and systems that go into their network and data center infrastructures.
Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact email@example.com.
All papers are copyrighted. No re-posting or distribution of papers is permitted.