Abstract. We present an overview of anomaly detection used in computer security, and provide a detailed example of a host-based Intrusion Detection System that monitors file syste...
Salvatore J. Stolfo, Shlomo Hershkop, Linh H. Bui,...
Intrusion detection is a critical component of secure information systems. Network anomaly detection has been an active and difficult research topic in the field of Intrusion Dete...
In 2002, DARPA put together a challenging proposition to the research community: demonstrate using an existing information system and available DARPA developed and other COTS tech...
Paul Rubel, Michael Atighetchi, Partha Pratim Pal,...
Intrusion detection systems are fundamentally passive and fail–open. Because their primary task is classification, they do nothing to prevent an attack from succeeding. An intru...
Michael E. Locasto, Ke Wang, Angelos D. Keromytis,...
Network intrusion detection systems typically detect worms by examining packet or flow logs for known signatures. Not only does this approach mean worms cannot be detected until ...