In order to complement the incomplete training audit trails, model generalization is always utilized to infer more unknown knowledge for intrusion detection. Thus, it is important ...
Abstract. We present an overview of anomaly detection used in computer security, and provide a detailed example of a host-based Intrusion Detection System that monitors file syste...
Salvatore J. Stolfo, Shlomo Hershkop, Linh H. Bui,...
In an enterprise environment, security becomes increasingly important and costly. Enterprises are struggling to protect the increasing amount of disparate resources. Simple patchwork ...
Chen Zhao, Yang Chen, Dawei Xu, NuerMaimaiti Heili...
Small to medium enterprises require an internal control mechanism in order to monitor their modus operandi and to analyse whether they are achieving their goals. A tool for the dec...
We argue in favor of the explicit inclusion of suspicion as a concrete concept to be used in the analysis of audit data in order to guide the search for evidence of misuse. Our ap...