A powerful strategy in intrusion detection is the separation of surveillance mechanisms from a site’s policy for processing observed events. The Bro intrusion detection system h...
Whenever an intrusion occurs, the security and value of a computer system is compromised. Network-based attacks make it difficult for legitimate users to access various network ser...
Latifur Khan, Mamoun Awad, Bhavani M. Thuraisingha...
In a Multi-Variant Execution Environment (MVEE), several slightly different versions of the same program are executed in lockstep. While this is done, a monitor compares the behav...
Babak Salamat, Todd Jackson, Andreas Gal, Michael ...
As Grids become increasingly relied upon as critical infrastructure, it is imperative to ensure the highly-available and secure day-to-day operation of the Grid infrastructure. The...
Jonathan C. Rowanhill, Glenn S. Wasson, Zach Hill,...
We argue in favor of the explicit inclusion of suspicion as a concrete concept to be used in the analysis of audit data in order to guide the search for evidence of misuse. Our ap...