Machine learning has great utility within the context of network intrusion detection systems. In this paper, a behavior analysis-based learning framework for host level network in...
Haiyan Qiao, Jianfeng Peng, Chuan Feng, Jerzy W. R...
One way to prevent a control hijacking attack is to compare a network application’s run-time system calls with a pre-defined normal system call behavior model, and raise an alert...
We introduce a technique for detecting anomalous patterns in a categorical feature (one that takes values from a finite alphabet). It differs from most anomaly detection methods u...
In this paper we demonstrate that it is possible in general to detect Windows-based malicious program behavior. Since S. Forrest et al. used the N-grams method to classify system ...
Xin Tang, Constantine N. Manikopoulos, Sotirios G....
One of the biggest obstacles faced by user command based anomaly detection techniques is the paucity of data. Gathering command data is a slow process often spanning months or yea...