Recent work has shown that conventional operating system audit trails are insufficient to detect low-level network attacks. Because audit trails are typically based upon system c...
Intrusion detection systems rely on a wide variety of observable data to distinguish between legitimate and illegitimate activities. In this paper we study one such observable-seq...
Christina Warrender, Stephanie Forrest, Barak A. P...
— The anomaly-based intrusion detection systems examine current system activity do find deviations from normal system activity. The present paper proposes a method for normal act...
—Computer systems often reach a point at which the relative cost to increase some tunable parameter is no longer worth the corresponding performance benefit. These “knees” t...
Ville Satopaa, Jeannie R. Albrecht, David Irwin, B...
We report on an automated runtime anomaly detection method at the application layer of multi-node computer systems. Although several network management systems are available in th...