A method for anomaly detection is introduced in which "normal" is defined by short-range correlations in a process' system calls. Initial experiments suggest that t...
Stephanie Forrest, Steven A. Hofmeyr, Anil Somayaj...
In this paper we present a storage-based intrusion detection system (IDS) which uses time- and space-efficient point-in-time copy and performs file system integrity checks to detec...
Computer networks have expanded significantly in use and numbers. This expansion makes them more vulnerable to attack by malicious agents. Many current intrusion detection systems...
The timely and accurate detection of computer and network system intrusions has always been an elusive goal for system administrators and information security researchers. Existin...
We introduce a notion, behavioral distance, for evaluating the extent to which processes—potentially running different programs and executing on different platforms—behave si...