| 2003 | Ambiguity Resolution via Passive OS Fingerprinting. Greg Taleck |
| 2003 | An Analysis of the 1999 DARPA/Lincoln Laboratory Evaluation Data for Network Anomaly Detection. Matthew V. Mahoney, Philip K. Chan |
| 2003 | An Approach for Detecting Self-propagating Email Using Anomaly Detection. Ajay Gupta, R. Sekar |
| 2003 | Characterizing the Performance of Network Intrusion Detection Sensors. Lambert Schaelicke, Thomas Slabach, Branden J. Moore, Curt Freeland |
| 2003 | Correlation of Intrusion Symptoms: An Application of Chronicles. Benjamin Morin, Hervé Debar |
| 2003 | Detecting Anomalous Network Traffic with Self-organizing Maps. Manikantan Ramadas, Shawn Ostermann, Brett C. Tjaden |
| 2003 | Mitigating Distributed Denial of Service Attacks Using a Proportional-Integral-Derivative Controller. Marcus Tylutki, Karl N. Levitt |
| 2003 | Modeling Computer Attacks: An Ontology for Intrusion Detection. Jeffrey Undercoffer, Anupam Joshi, John Pinkston |
| 2003 | Recent Advances in Intrusion Detection, 6th International Symposium, RAID 2003, Pittsburgh, PA, USA, September 8-10, 2003, Proceedings Giovanni Vigna, Erland Jonsson, Christopher Krügel |
| 2003 | Statistical Causality Analysis of INFOSEC Alert Data. Xinzhou Qin, Wenke Lee |
| 2003 | Topology-Based Detection of Anomalous BGP Messages. Christopher Krügel, Darren Mutz, William K. Robertson, Fredrik Valeur |
| 2003 | Two Sophisticated Techniques to Improve HMM-Based Intrusion Detection Systems. Sung-Bae Cho, Sang-Jun Han |
| 2003 | Using Decision Trees to Improve Signature-Based Intrusion Detection. Christopher Krügel, Thomas Toth |
| 2003 | Using Specification-Based Intrusion Detection for Automated Response. Ivan Balepin, Sergei Maltsev, Jeff Rowe, Karl N. Levitt |