In this paper we present a new approach to stateful intrusion detection. It is based on a temporal logic which has the capability to express temporary properties, which are propert...
In this paper, the problem of measuring normality in HTTP traffic for the purpose of anomaly-based network intrusion detection is addressed. The work carried out is expressed in t...
This paper addresses the problem of detecting masquerading, a security attack in which an intruder assumes the identity of a legitimate user. Many approaches based on Hidden Marko...
Scott E. Coull, Joel W. Branch, Boleslaw K. Szyman...
A reasonable definition of intrusion is: entering a community to which one does not belong. This suggests that in a network, intrusion attempts may be detected by looking for com...
Qi Ding, Natallia Katenka, Paul Barford, Eric D. K...
Most intrusion detection systems apply the misuse detection approach. Misuse detection compares recorded audit data with predefined patterns denoted as signatures. A signature is ...