With the continuous evolution of the types of attacks against computer networks, traditional intrusion detection systems, based on pattern matching and static signatures, are incr...
In this paper we propose a peer-to-peer (P2P) prototype (INTCTD) for intrusion detection over an overlay network. INTCTD is a distributed system based on neural networks for detec...
Given a percentage-threshold and readings from a pair of consecutive upstream and downstream sensors, flow anomaly discovery identifies dominant time intervals where the fractio...
James M. Kang, Shashi Shekhar, Christine Wennen, P...
Abstract. In order to detect a compromise of a running process based on it deviating from its program’s normal system-call behavior, an anomaly detector must first be trained wi...
In this paper we discuss a data mining framework for constructing intrusion detection models. The key ideas are to mine system audit data for consistent and useful patterns of pro...