Large scale distributed systems typically have interactions among different services that create an avenue for propagation of a failure from one service to another. The failures ...
Common practice in anomaly-based intrusion detection assumes that one size fits all: a single anomaly detector should detect all anomalies. Compensation for any performance short...
As the Internet grows at a very rapid pace, so does the incidence of attack events and documented unlawful intrusions. The Network Intrusion Detection Systems (NIDSes) are designe...
We define the problem of inferring a “mixture of Markov chains” based on observing a stream of interleaved outputs from these chains. We show a sharp characterization of the i...
Abstract. Monitoring unused or dark IP addresses offers opportunities to significantly improve and expand knowledge of abuse activity without many of the problems associated with ...