STAT Framework Reference Manual
The STAT Framework Reference Manual
contains a general introduction to the STAT Framework, an
administration manual which covers deployment of STAT-based
sensors, and a developers guide which covers the process of
creating new STAT-based sensors.
MetaSTAT Reference Manual
The MetaSTAT Reference Manual
contains an overview of the MetaSTAT architecture.
API Reference
The STAT Core API documents the
programmer's interface to the STAT Core, and is intended mainly for
developers involved in writing new STAT-based sensors.
Papers
- G. Vigna, B. Cassell, and D. Fayram, "An
Intrusion Detection System for Aglets", in Proceedings of the
International Conference on Mobile Agents (MA '02), Barcelona,
Spain, October 2002.
[
PostScript, gzipped ][
PDF ][
BibTeX entry ]
- R.A. Kemmerer and G. Vigna, "Intrusion Detection", in
IEEE Computer, Special Issue on Security and Privacy, 2002.
[ PDF
][ BibTeX
entry ]
- S.T. Eckmann, G. Vigna, and R.A. Kemmerer, "STATL: An Attack
Language for State-based Intrusion Detection," Journal of
Computer Security, vol. 10, no. 1/2, pp. 71-104, 2002
[
PostScript, gzipped ][
BibTeX entry ]
- S.T. Eckmann, "Translating Snort rules to STATL
scenarios", presented at the 4th International Symposium on
Recent Advances in Intrusion Detection (RAID 2001), Davis, CA,
October 2001, LNCS 2212, pp. 69-84.
[ PDF, gzipped
][ BibTeX entry
]
- G. Vigna, R.A. Kemmerer, and P. Blix, "Designing a Web of
Highly-Configurable Intrusion Detection Sensors," in
Proceedings of the Workshop on Recent Advances in Intrusion
Detection (RAID 2001), Davis, CA, October 2001.
[
PostScript, gzipped ][
BibTeX entry ]
- S.T. Eckmann, G. Vigna, and R.A. Kemmerer, "STATL Syntax and
Semantics," Computer Science Dep., University of California
Santa Barbara, Technical Report TRCS20-19, December 2000.
[
Abstract ][ Postscript
][
BibTeX entry ]
- S.T. Eckmann, G. Vigna, and R.A. Kemmerer, "STATL: An Attack
Language for State-based Intrusion Detection," in Proceedings
of the ACM Workshop on Intrusion Detection, Athens, Greece,
November 2000.
[
PostScript, gzipped ][
BibTeX entry ]
- G. Vigna, S.T. Eckmann, and R.A. Kemmerer, "Attack
Languages," in Proceedings of the IEEE Information
Survivability Workshop, Boston, MA, October 2000.
[
PostScript, gzipped ][
BibTeX entry ]
- G. Vigna, S.T. Eckmann, and R.A. Kemmerer, "The STAT Tool
Suite," in Proceedings of DISCEX 2000, Hilton Head, South
Carolina, January 2000, IEEE Press.
[
PostScript, gzipped ][
BibTeX entry ]
- G. Vigna and R.A. Kemmerer, "NetSTAT: A Network-based
Intrusion Detection System," Journal of Computer Security,
7(1), IOS Press, 1999.
[
PostScript, gzipped ][
BibTeX entry ]
- G. Vigna and R. Kemmerer, "NetSTAT: A Network-based
Intrusion Detection Approach," in Proceedings of the
14th Annual Computer Security Application Conference,
Scottsdale, Arizona, December 1998.
This paper won the Outstanding Paper Award.
[
PostScript, gzipped ][
PDF, gzipped ][
BibTeX entry ][
Presentation, PDF, gzipped ]
- R.A. Kemmerer, "NSTAT: A Model-based Real-time Network
Intrusion Detection System," Computer Science Dep., University
of California Santa Barbara, Technical Report TRCS97-18, November
1997.
[
Abstract ][ Postscript
]
- K. Ilgun, R.A. Kemmerer, and P.A. Porras, "State Transition
Analysis: A Rule-Based Intrusion Detection Approach," IEEE
Transaction on Software Engineering, 21(3), March 1995.
[
Postscript, gzipped ][
BibTeX entry ]
- K. Ilgun, "USTAT: A real-time intrusion detection system for
UNIX," in Proceedings of the IEEE Symposium on Research on
Security and Privacy, Oakland, CA, May 1993.
[ PDF
][ BibTeX
entry ]
- K. Ilgun, "USTAT: A real-time intrusion detection system for
UNIX," M.S. thesis, Computer Science Dep., University of
California Santa Barbara, July 1992.
[ Abstract ][ Postscript ][ BibTeX entry ]
- P.A. Porras, "STAT - A state transition analysis tool for
intrusion detection," M.S. thesis, Computer Science Dep.,
University of California Santa Barbara, June 1992.
[ Abstract ][ Postscript ][ BibTeX entry ]
