Assumptions in Intrusion Detection - Blind Spots in Analysis
This paper examines one of the common assumptions made as an intrusion analyst looking at network packet captures and explores the possible avenues which could determine that the assumption may not be as trustworthy as has been previously assumed. This paper attempts to guide the analyst by...