Alert correlation is an important technique for managing large the volume of intrusion alerts that are raised by heterogenous Intrusion Detection Systems (IDSs). The recent trend ...
Abstract. We propose a framework for intrusion detection that is based on runtime monitoring of temporal logic specifications. We specify intrusion patterns as formulas in an expre...
This paper describes a parallel algorithm for correlating or “fusing” streams of data from sensors and other sources of information. The algorithm is useful for applications w...
One of the most important steps in attack detection using Intrusion Detection Systems (IDSs) is dealing with huge number of alerts that can be either critical single alerts and mu...
One way to prevent control hijacking attack is to compare a network application’s run-time system calls with a pre-defined normal system call behavior model, and raise an alert...