A method for anomaly detection is introduced in which "normal" is defined by short-range correlations in a process' system calls. Initial experiments suggest that t...
Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaj...
An intrusion detection system (IDS) usually has to analyse Giga-bytes of audit information. In the case of anomaly IDS, the information is used to build a user profile characteris...
One of the biggest obstacles faced by user command based anomaly detection techniques is the paucity of data. Gathering command data is a slow process often spanning months or yea...
The deployment and use of Anomaly Detection (AD) sensors often requires the intervention of a human expert to manually calibrate and optimize their performance. Depending on the si...
Gabriela F. Cretu-Ciocarlie, Angelos Stavrou, Mich...
Whenever an intrusion occurs, the security and value of a computer system is compromised. Network-based attacks make it difficult for legitimate users to access various network ser...
Latifur Khan, Mamoun Awad, Bhavani M. Thuraisingha...