Critical infrastructures like the power grid are emerging as collection of existing separated systems of different nature which are interconnected together. Their criticality becom...
Alessandro Daidone, Andrea Bondavalli, Paulo Ver&i...
This paper presents DOME, a host-based technique for detecting several general classes of malicious code in software executables. DOME uses static analysis to identify the locatio...
Jesse C. Rabek, Roger I. Khazan, Scott M. Lewandow...
Models based on system calls are a popular and common approach to characterize the run-time behavior of programs. For example, system calls are used by intrusion detection systems...
Andrea Lanzi, Davide Balzarotti, Christopher Krueg...
Outlier detection can uncover malicious behavior in fields like intrusion detection and fraud analysis. Although there has been a significant amount of work in outlier detection, ...
Linking network flows is an important problem in intrusion detection as well as anonymity. Passive traffic analysis can link flows but requires long periods of observation to r...