A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is
2008 European Conference on Computer Network Defense
In this paper we propose an intrusion prevention system (IPS) which operates inline and is capable to detect unknown attacks using anomaly detection methods. Incorporated in the framework of a packet filter each incoming packet is analyzed and -according to an internal connection state and a computed anomaly score -either delivered to the production system, redirected to a special hardened system or logged to a network sink for later analysis. Runtime measurements of an actual implementationdoi:10.1109/ec2nd.2008.8 fatcat:dduuwys7prgi3hvxgh6z3t3frq