Anomaly detection in IP networks, detection of deviations from what is considered normal, is an important complement to misuse detection based on known attack descriptions. Perfor...
This paper describes two recently developed intrusion detection algorithms, and gives experimental results on their performance. The algorithms detect anomalies in execution audit...
Hidden Markov Model (HMM) based applications are common in various areas, but the incorporation of HMM's for anomaly detection is still in its infancy. This paper aims at cla...
Previous methods of network anomaly detection have focused on defining a temporal model of what is "normal," and flagging the "abnormal" activity that does not...
Kevin M. Carter, Richard Lippmann, Stephen W. Boye...
Instead of relying completely on machine intelligence in anomaly event analysis and correlation, in this paper, we take one step back and investigate the possibility of a human-int...
Soon Tee Teoh, Kwan-Liu Ma, Shyhtsun Felix Wu, Dan...