Publications
 
 (2004).  Operational Experiences with High-Volume Network Intrusion Detection.  
Proceedings of the 11th ACM Conference on Computer Communications Security (CCS 2004). 11, 2.
 
 (2005).  Building a Time Machine for Efficient Recording and Retrieval of High-Volume Network Traffic.  
Proceedings of the Fifth ACM Conference on Internet Measurement (IMC 2005).  267-272.
 
 (2005).  Enhancing the Accuracy of Network-Based Intrusion Detection with Host-Based Context.  
Proceedings of Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2005).  206-221.
 
 (2006).  Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection.  
Proceedings of the 15th USENIX Security Symposium (Security '06).  
 
 (2008).  Enriching Network Security Analysis with Time Travel.  
 183-194.

 ]
]