Abstract. Many host-based anomaly detection systems monitor process execution at the granularity of system calls. Other recently proposed schemes instead verify the destinations of...
Monirul I. Sharif, Kapil Singh, Jonathon T. Giffin...
Intrusion detection systems (IDSs) attempt to identify attacks by comparing collected data to predefined signatures known to be malicious (misuse-based IDSs) or to a model of lega...
In this paper, the problem of measuring normality in HTTP traffic for the purpose of anomaly-based network intrusion detection is addressed. The work carried out is expressed in t...
The function of a Network Intrusion Detection System (NIDS) is to identify any misuse and abnormal behavior determined as an attack to a network segment or network host. The propo...
The effectiveness and precision of network-based intrusion detection signatures can be evaluated either by direct analysis of the signatures (if they are available) or by using bl...
Christopher Kruegel, Davide Balzarotti, William K....