An intrusion detection system (IDS) usually has to analyse Giga-bytes of audit information. In the case of anomaly IDS, the information is used to build a user profile characteris...
We argue in favor of the explicit inclusion of suspicion as a concrete concept to be used in the analysis of audit data in order to guide the search for evidence of misuse. Our ap...
Information and infrastructure security is a serious issue of global concern. As the last line of defense for security infrastructure, intrusion detection techniques are paid more...
In this paper, we formulate the problem of summarization of a dataset of transactions with categorical attributes as an optimization problem involving two objective functions - co...
An Intrusion Detection Program (IDP) analyzes what happens or has happened during an execution and tries to find indications that the computer has been misused. In this talk, we p...