In this paper we present a simple framework for activity recognition based on a model of multi-layered finite state machines, built on top of a low level image processing module f...
Alert correlation systems are post-processing modules that enable intrusion analysts to find important alerts and filter false positives efficiently from the output of Intrusion...
Machine learning systems offer unparalleled flexibility in dealing with evolving input in a variety of applications, such as intrusion detection systems and spam e-mail filtering. H...
Marco Barreno, Blaine Nelson, Russell Sears, Antho...
We present and empirically analyze a machine-learning approach for detecting intrusions on individual computers. Our Winnow-based algorithm continually monitors user and system beh...
We have been developing a data mining (i.e., knowledge discovery) framework, MADAM ID, for Mining Audit Data for Automated Models for Intrusion Detection [LSM98, LSM99b, LSM99a]. ...