In applications such as fraud and intrusion detection, it is of great interest to measure the evolving trends in the data. We consider the problem of quantifying changes between tw...
We present and empirically analyze a machine-learning approach for detecting intrusions on individual computers. Our Winnowbased algorithm continually monitors user and system beh...
— Polymorphic worms can change their byte sequence as they replicate and propagate, thwarting the traditional signature analysis techniques used by many intrusion detection syste...
Remote code-injection attacks are one of the most frequently used attacking vectors in computer security. To detect and analyze injected code (often called shellcode), some researc...
The function of a Network Intrusion Detection System (NIDS) is to identify any misuse and abnormal behavior determined as an attack to a network segment or network host. The propo...