In this paper, we propose a new intrusion detection model, which keeps advantages of existing misuse detection model and anomaly detection model and resolves their problems. This ...
Given a large sparse graph, how can we find patterns and anomalies? Several important applications can be modeled as large sparse graphs, e.g., network traffic monitoring, resea...
We present an architecture for detecting “zero-day” worms and viruses in incoming email. Our main idea is to intercept every incoming message, prescan it for potentially danger...
Stelios Sidiroglou, John Ioannidis, Angelos D. Ker...
Abstract. We propose a novel framework of autonomic intrusion detection that fulfills online and adaptive intrusion detection in unlabeled audit data streams. The framework owns a...
Many methods have been developed for monitoring network traffic, both using visualization and statistics. Most of these methods focus on the detection of suspicious or malicious ...